Defeating the Ben-Zvi, Blackburn, and Tsaban Attack on the Algebraic Eraser
The Algebraic Eraser Diffie-Hellman (AEDH) protocol was introduced in 2005
and published in 2006 by Anshel-Anshel-Goldfeld-Lemieux as a protocol suitable
for use on platforms with constrained computational resources, such as FPGAs,
ASICs, and wireless sensors. It is a group-theoretic cryptographic protocol
that allows two users to construct a shared secret via a Diffie-Hellman-type
scheme over an insecure channel.
Building on the refuted 2012 permutation-based attack of
Kalka-Teichner-Tsaban, in 2015 Ben-Zvi-Blackburn-Tsaban (BBT) presented a
heuristic attack that attempts to recover the AEDH shared secret. In their
paper BBT reference the AEDH protocol as presented to ISO for certification
(ISO 29167-20) by SecureRF. The ISO draft contains two profiles using the
Algebraic Eraser. One profile is unaffected by this attack; the second profile
is subject to their attack provided the attack runs in real time. This is not
the case in most practical deployments.
The BBT attack is simply a targeted attack that does not attempt to break the
method, system parameters, or recover any private keys. Rather, its limited
focus is to recover the shared secret in a single transaction. In addition, the
BBT attack is based on several conjectures that are assumed to hold when
parameters are chosen according to standard distributions, which can be
mitigated, if not avoided. This paper shows how to choose special distributions
so that these conjectures do not hold, making the BBT attack ineffective for
braid groups with sufficiently many strands. Further, the BBT attack assumes
that certain data is available to an attacker, but there are realistic
deployment scenarios where this is not the case, making the attack fail
completely. In summary, the BBT attack is flawed (with respect to the SecureRF
ISO draft) and, at a minimum, over-reaches as to its applicability.
Herald of Holiness Volume 56, Number 42 (1967)
02 The Bible-the Great Disturber By General Superintendent Coulter 03 Traveling in Circle By G. Franklin Allee 04 They Linger By William Goodman 05 Keys By Milo Arnold 06 It Won't Be Gone Tomorrow By Robert H. Scott 07 Sustaining Faith By Pearl Burnside McKinney 08 The life-sustaining Word By E. E. Wordsworth 09 Helps to Holy Living: How Effective Is Your Life? By Ronald Fry 10 Editorially Speaking By W. T. Purkiser 11 The Bible By Kathryn Blackburn Peck 12 Stories Missionaries Never Tell By Elden Rawlings 14 Roads to a Radiant Lift: What Time I Am Afraid By Paul Culbertson 14 News of Revival 15 Pro/Con: Letters to the Editor 16 Campus Commentary By Dr. Willis Snowbarger 17 Vital Statistics 17 News of Religion 18 Of People and Places 19 Next Sunday's Lesson By A. Elwood Sanner 19 The Answer Corner Conducted by W. T. Purkiser
Distinct difference configurations: multihop paths and key predistribution in sensor networks
A distinct difference configuration is a set of points in Z^2 with the property that the vectors (difference vectors) connecting any two of the points are all distinct. Many specific examples of these configurations have been previously studied: the class of distinct difference configurations includes both Costas arrays and sonar sequences, for example. Motivated by an application of these structures in key predistribution for wireless sensor networks, we define the k-hop coverage of a distinct difference configuration to be the number of distinct vectors that can be expressed as the sum of k or fewer difference vectors. This is an important parameter when distinct difference configurations are used in the wireless sensor application, as this parameter describes the density of nodes that can be reached by a short secure path in the network. We provide upper and lower bounds for the k-hop coverage of a distinct difference configuration with m points, and exploit a connection with B_h sequences to construct configurations with maximal k-hop coverage. We also construct distinct difference configurations that enable all small vectors to be expressed as the sum of two of the difference vectors of the configuration, an important task for local secure connectivity in the application.
Group theory in cryptography
This paper is a guide for the pure mathematician who would like to know more
about cryptography based on group theory. The paper gives a brief overview of
the subject, and provides pointers to good textbooks, key research papers and
recent survey papers in the area. Comment: 25 pages. References updated, and a few extra references added. Minor
typographical changes. To appear in Proceedings of Groups St Andrews 2009 in
Bath, UK
Contextualism, Moral Disagreement, and Proposition Clouds
According to contextualist theories in metaethics, when you use a moral term in a context, the context plays an ineliminable part in determining what natural property will be the semantic value of the term. Furthermore, on subjectivist and relativist versions of these views, it is either the speaker's own moral code or her moral community's moral code that constitutes the reference-fixing context. One standard objection to views of this type is that they fail to enable us to disagree in ordinary conversations. In this chapter, I develop a new response to this objection on the basis of Kai von Fintel and Anthony Gillies' notion of proposition clouds. I argue that, because we live in a multicultural society, the conversational contexts we face will fail to disambiguate between all the things we could mean. This is why we can at best put into play proposition clouds when we make moral utterances. All the propositions in such clouds are then available for rejection and acceptance on the behalf of our audiences. The norms of conversation then guide us to make informative contributions to the conversation - accept and reject propositions in a way that leads to co-ordination of action and choice.
Cryptanalysis of three matrix-based key establishment protocols
We cryptanalyse a matrix-based key transport protocol due to Baumslag, Camps,
Fine, Rosenberger and Xu from 2006. We also cryptanalyse two recently proposed
matrix-based key agreement protocols, due to Habeeb, Kahrobaei and Shpilrain,
and due to Romanczuk and Ustimenko. Comment: 9 pages
Enabling Social Applications via Decentralized Social Data Management
An unprecedented information wealth produced by online social networks,
further augmented by location/collocation data, is currently fragmented across
different proprietary services. Combined, it can accurately represent the
social world and enable novel socially-aware applications. We present
Prometheus, a socially-aware peer-to-peer service that collects social
information from multiple sources into a multigraph managed in a decentralized
fashion on user-contributed nodes, and exposes it through an interface
implementing non-trivial social inferences while complying with user-defined
access policies. Simulations and experiments on PlanetLab with emulated
application workloads show the system exhibits good end-to-end response time,
low communication overhead and resilience to malicious attacks. Comment: 27 pages, single ACM column, 9 figures, accepted in Special Issue of
Foundations of Social Computing, ACM Transactions on Internet Technology
A unified approach to combinatorial key predistribution schemes for sensor networks
There have been numerous recent proposals for key predistribution schemes for wireless sensor networks based on various types of combinatorial structures such as designs and codes. Many of these schemes have very similar properties and are analysed in a similar manner. We seek to provide a unified framework to study these kinds of schemes. To do so, we define a new, general class of designs, termed "partially balanced t-designs", that is sufficiently general that it encompasses almost all of the designs that have been proposed for combinatorial key predistribution schemes. However, this new class of designs still has sufficient structure that we are able to derive general formulas for the metrics of the resulting key predistribution schemes. These metrics can be evaluated for a particular scheme simply by substituting appropriate parameters of the underlying combinatorial structure into our general formulas. We also compare various classes of schemes based on different designs, and point out that some existing proposed schemes are in fact identical, even though their descriptions may seem different. We believe that our general framework should facilitate the analysis of proposals for combinatorial key predistribution schemes and their comparison with existing schemes, and also allow researchers to easily evaluate which scheme or schemes present the best combination of performance metrics for a given application scenario.