Towards mechanized correctness proofs for cryptographic algorithms: Axiomatization of a probabilistic Hoare style logic

In [Corin, den Hartog in ICALP 2006] we build a formal verification technique for game based correctness proofs of cryptograhic algorithms based on a probabilistic Hoare style logic [den Hartog, de Vink in IJFCS 13(3), 2002]. An important step towards enabling mechanized verification within this technique is an axiomatization of implication between predicates which is purely semantically defined in [den Hartog, de Vink in IJFCS 13(3), 2002]. In this paper we provide an axiomatization and illustrate its place in the formal verification technique of [Corin, den Hartog in ICALP 2006]

Comment on "Conductance fluctuations in mesoscopic normal-metal/superconductor samples"

Recently, Hecker et al. [Phys. Rev. Lett. 79, 1547 (1997)] experimentally studied magnetoconductance fluctuations in a mesoscopic Au wire connected to a superconducting Nb contact. They claimed to have observed an enhancement of the rms magnitude of these conductance fluctuations in the superconducting state (rms(Gns)) relative to that in the normal state (rms(Gn)) by a factor of 2.8. In this comment, we argue that the measured rms(Gns) is NOT significantly enhanced compared to rms(Gn) when we correct for the presence of an incoherent series resistance from the contacts, which is different when Nb is in the superconducting or normal state.Comment: 1 pag

Melting properties of radiation-induced Na and Cl2 precipitates in ultra-heavily irradiated NaCl

Exposure of NaCl to high doses of ionizing radiation leads to the formation of nano-particles of metallic Na, very small chlorine precipitates, vacancy voids, and dislocations. A useful way to monitor the stage of the damage formation process is measuring the latent heat of melting of the Na-particles (~100°C) and chlorine precipitates (-101°C). In this paper we will present data, showing that for doses in the range of TRad (1010 Gy) the concentration of radiolytic Na may become very large. Even in pure samples, we have converted more than 20% of all NaCl molecules into metallic Na and chlorine, but often higher percentages can be achieved. In this paper we will present new data obtained for ultra-high irradiation doses and a first attempt will be made to understand the results.

Virtual Analysis and Reduction of Side-Channel Vulnerabilities of Smartcards

This paper focuses on the usability of the PINPAS tool. The PINPAS tool is an instruction-level interpreter for smartcard assembler languages, augmented with facilities to study side-channel vulnerabilities. The tool can simulate side-channel leakage and has a suite of utilities to analyze this. The usage of the tool, for the analysis of a cryptographic algorithm is illustrated using the standard AES and RSA. Vulnerabilities of the implementations are identified and protective measures added. It is argued, that the tool can be instrumental for the design and realization of secure smartcard implementations in a systematic wa

Privacy in an Ambient World

Privacy is a prime concern in today's information society. To protect\ud the privacy of individuals, enterprises must follow certain privacy practices, while\ud collecting or processing personal data. In this chapter we look at the setting where an\ud enterprise collects private data on its website, processes it inside the enterprise and\ud shares it with partner enterprises. In particular, we analyse three different privacy\ud systems that can be used in the different stages of this lifecycle. One of them is the\ud Audit Logic, recently introduced, which can be used to keep data private when it\ud travels across enterprise boundaries. We conclude with an analysis of the features\ud and shortcomings of these systems

Power analysis on smartcard algorithms using simulation

This paper presents the results from a power analysis of the AES and RSA algorithms by\ud simulation using the PINPAS tool. The PINPAS tool is capable of simulating the power\ud consumption of assembler programs implemented in, amongst others, Hitachi H8/300\ud assembler. The Hitachi H8/300 is a popular CPU for smartcards. Using the PINPAS tool, the\ud vulnerability for power analysis attacks of straightforward AES and RSA implementations is\ud examined. In case a vulnerability is found countermeasures are added to the implementation\ud that attempt to counter power analysis attacks. After these modifications the analysis is\ud performed again and the new results are compared to the original results

Effect of radiation-induced emission of Schottky defects on the formation of colloids in alkali halides

Formation of vacancy clusters in irradiated crystals is considered taking into account radiation-induced Schottky defect emission (RSDE) from extended defects. RSDE acts in the opposite direction compared with Frenkel pair production, and it results in the radiation-induced recovery processes. In the case of alkali halides, Schottky defects can be produced as a result of the interaction of extended defects with excitons, as has been suggested previously. We consider a model that takes into account excitonic mechanisms for the creation of both Frenkel and Schottky defects, and which shows that although the contribution of the latter mechanism to the production of primary defects may be small, its role in the radiation-induced evolution of microstructure can be very significant. The model is applied to describe the evolution of sodium colloids and the formation of voids in NaCl, which is followed by a sudden fracture of the material, presenting a potential problem in rock salt-based nuclear waste repositories. The temperature, dose rate and dose dependence of colloid growth in NaCl doped with different types of impurities is analyzed. We have found that colloid growth may become negative below a threshold temperature (or above a threshold dose rate), or below a certain impurity concentration, which is determined by the RSDE, that depends strongly on the type and concentration of the impurities. The results obtained with the model are compared with experimental observations.

Audit-based Compliance Control (AC2) for EHR Systems

Traditionally, medical data is stored and processed using paper-based files. Recently, medical facilities have started to store, access and exchange medical data in digital form. The drivers for this change are mainly demands for cost reduction, and higher quality of health care. The main concerns when dealing with medical data are availability and confidentiality. Unavailability (even temporary) of medical data is expensive. Physicians may not be able to diagnose patients correctly, or they may have to repeat exams, adding to the overall costs of health care. In extreme cases availability of medical data can even be a matter of life or death. On the other hand, confidentiality of medical data is also important. Legislation requires medical facilities to observe the privacy of the patients, and states that patients have a final say on whether or not their medical data can be processed or not. Moreover, if physicians, or their EHR systems, are not trusted by the patients, for instance because of frequent privacy breaches, then patients may refuse to submit (correct) information, complicating the work of the physicians greatly. \ud \ud In traditional data protection systems, confidentiality and availability are conflicting requirements. The more data protection methods are applied to shield data from outsiders the more likely it becomes that authorized persons will not get access to the data in time. Consider for example, a password verification service that is temporarily not available, an access pass that someone forgot to bring, and so on. In this report we discuss a novel approach to data protection, Audit-based Compliance Control (AC2), and we argue that it is particularly suited for application in EHR systems. In AC2, a-priori access control is minimized to the mere authentication of users and objects, and their basic authorizations. More complex security procedures, such as checking user compliance to policies, are performed a-posteriori by using a formal and automated auditing mechanism. To support our claim we discuss legislation concerning the processing of health records, and we formalize a scenario involving medical personnel and a basic EHR system to show how AC2 can be used in practice. \ud \ud This report is based on previous work (Dekker & Etalle 2006) where we assessed the applicability of a-posteriori access control in a health care scenario. A more technically detailed article about AC2 recently appeared in the IJIS journal, where we focussed however on collaborative work environments (Cederquist, Corin, Dekker, Etalle, & Hartog, 2007). In this report we first provide background and related work before explaining the principal components of the AC2 framework. Moreover we model a detailed EHR case study to show its operation in practice. We conclude by discussing how this framework meets current trends in healthcare and by highlighting the main advantages and drawbacks of using an a-posteriori access control mechanism as opposed to more traditional access control mechanisms

Innovative Work Behaviour: Measurement and Validation

Although both scientists and practitioners emphasize the importance of innovative work behavior (IWB) of individual employees for organizational success, the measurement of employees' IWB is still in evolution. Here, we present two multi-source studies that aimed to develop and validate a measure of IWB. Four related dimensions of IWB are distinguished: opportunity exploration, idea generation, championing and application. We derived a tenitem measure of these IWB dimensions from a pilot survey among matched dyads of 81 professionals in a research institute and their supervisors. Next, a survey among a matching sample of 703 knowledge workers and their supervisors from 94 different firms was done. We used confirmatory factor analyses to examine convergent and discriminant validity, and hierarchical multilevel regression to test hypothesized relationships of IWB with participative leadership, external work contacts and innovative output (proposed as an initial nomological network). Results demonstrate strong convergent validity of the IWB measure as all four dimensions contribute to an overall measure of IWB. Support for discriminant validity is weaker as correlations between some dimensions are relatively high. Finally, IWB is positively related with participative leadership, external work contacts and innovative output, providing first evidence for nomological validity.

Two-point motional Stark effect diagnostic for Madison Symmetric Torus

A high-precision spectral motional Stark effect (MSE) diagnostic provides internal magnetic field measurements for Madison Symmetric Torus (MST) plasmas. Currently, MST uses two spatial views-on the magnetic axis and on the midminor (off-axis) radius, the latter added recently. A new analysis scheme has been developed to infer both the pitch angle and the magnitude of the magnetic field from MSE spectra. Systematic errors are reduced by using atomic data from atomic data and analysis structure in the fit. Reconstructed current density and safety factor profiles are more strongly and globally constrained with the addition of the off-axis radius measurement than with the on-axis one only