Message in a bottle: Sailing past censorship

Exploiting recent advances in monitoring technology and the drop of its costs, authoritarian and oppressive regimes are tightening the grip around the virtual lives of their citizens. Meanwhile, the dissidents, oppressed by these regimes, are organizing online, cloaking their activity with anti-censorship systems that typically consist of a network of anonymizing proxies. The censors have become well aware of this, and they are systematically finding and blocking all the entry points to these networks. So far, they have been quite successful. We believe that, to achieve resilience to blocking, anti-censorship systems must abandon the idea of having a limited number of entry points. Instead, they should establish first contact in an online location arbitrarily chosen by each of their users. To explore this idea, we have developed Message In A Bottle, a protocol where any blog post becomes a potential “drop point ” for hidden messages. We have developed and released a proof-of-concept application using our system, and demonstrated its feasibility. To block this system, censors are left with a needle-in-a-haystack problem: Unable to identify what bears hidden messages, they must block everything, effectively disconnecting their own network from a large part of the Internet. This, hopefully, is a cost too high to bear.

Design and commissioning of a thermal stability test-rig for mixtures as working fluids for ORC applications

A novel test-rig for studying the thermal stability of mixtures as working fluids for ORC applications was designed and commissioned at the Laboratory of Compressible-fluid dynamics for Renewable Energy Applications (CREA) of Politecnico di Milano, in collaboration with the University of Brescia. The set-up is a standard one, in which a vessel containing the fluid under scrutiny is placed in a vertical oven for ~ 100 hours at a constant temperature T = Tstress. During the test, the pressure P is monitored to detect thermal decomposition of the fluid. After the test, the vessel is placed in a controlled thermal bath, where the pressure is measured at different value of the temperature T, with T < Tstress and T < Tc (Tc critical temperature). The resulting isochoric pressure-temperature dependence is compared to that obtained before the fluid underwent thermal stress. If departure from the initial fluid behavior is observed, significant thermal decomposition occurred and a chemical analysis of the decomposition products is carried out using gas chromatography and mass spectroscopy. The novelty of the set-up is the possibility of taking samples of both liquid and vapor phases of the fluid, a capability that was introduced to study thermal decomposition of mixtures, whose composition depends on the pressure and temperature, as well as to capture the more volatile products of thermal decomposition of pure fluids and mixtures. Preliminary experimental results are reported for the pure siloxane fluid MDM (Octamethyltrisiloxane, C8H24O2Si3)

Known and unknown event detection in OTDR traces by deep learning networks

Optical fiber links are customarily monitored by Optical Time Domain Reflectometer (OTDR), an optoelectronic instrument that measures the scattered or reflected light along the fiber and returns a signal, namely the OTDR trace. OTDR traces are typically analyzed by experts in laboratories or by hand-crafted algorithms running in embedded systems to localize critical events occurring along the fiber. In this work, we address the problem of automatically detecting optical events in OTDR traces through a deep learning model that can be deployed in embedded systems. In particular, we take inspiration from Faster R-CNN and present the first 1D object-detection neural network for OTDR traces. Thanks to an ad-hoc preprocessing pipeline for OTDR traces, we can also identify unknown events, namely events that are not represented in training data but that might indicate rare and unforeseen situations that need to be reported. The resulting network brings several advantages with respect to existing solutions, as these typically classify fixed-size windows of OTDR traces, thus are less accurate in the localization. Moreover, existing solutions do not report events that cannot be safely associated to any label in the training set. Our experiments, performed on real OTDR traces, show very promising performance, and can be directly executed on embedded OTDR devices

Cap rock efficiency of geothermal systems in fold-and-thrust belts:evidence from paleo-thermal and structural analyses in Rosario de La Frontera geothermal area (NW Argentina)

Cap rock characterization of geothermal systems is often neglected despite fracturing may reduce its efficiency and favours fluid migration. We investigated the siliciclastic cap rock of Rosario de La Frontera geothermal system (NW Argentina) in order to assess its quality as a function of fracture patterns and related thermal alteration. Paleothermal investigations (XRD on fine-grained fraction of sediments, organic matter optical analysis and fluid inclusions on veins) and 1D thermal modelling allowed us to distinguish the thermal fingerprint associated to sedimentary burial from that related to fluid migration. The geothermal system is hosted in a Neogene N-S anticline dissected by high angle NNW- and ENE-striking faults. Its cap rock can be grouped into two quality categories: ● rocks acting as good insulators deformed by NNW–SSE and E–W shear fractures, NNE-SSW gypsum- and N-S striking calcite-filled veins formed during the initial stage of anticline growth. Maximum paleo-temperatures (<60°C) were experienced during deposition to folding phases. ● rocks acting as bad insulators deformed by NNW-SSE fault planes and NNW- and WNW-striking sets of fractures associated to late transpressive kinematics. Maximum paleo-temperatures higher than about 115°C are linked to fluid migration from the reservoir to surface (with a reservoir top at maximum depths of 2.5 km) along fault damage zones. This multi-method approach turn out to be particularly useful to trace the main pathways of hot fluids and can be applied in blind geothermal systems where either subsurface data are scarce or surface thermal anomalies are lacking

Practical Attacks Against Graph-based Clustering

Graph modeling allows numerous security problems to be tackled in a general way, however, little work has been done to understand their ability to withstand adversarial attacks. We design and evaluate two novel graph attacks against a state-of-the-art network-level, graph-based detection system. Our work highlights areas in adversarial machine learning that have not yet been addressed, specifically: graph-based clustering techniques, and a global feature space where realistic attackers without perfect knowledge must be accounted for (by the defenders) in order to be practical. Even though less informed attackers can evade graph clustering with low cost, we show that some practical defenses are possible.Comment: ACM CCS 201

Hybrid Post-Quantum Signatures in Hardware Security Keys

Recent advances in quantum computing are increasingly jeopardizing the security of cryptosystems currently in widespread use, such as RSA or elliptic-curve signatures. To address this threat, researchers and standardization institutes have accelerated the transition to quantum-resistant cryptosystems, collectively known as Post-Quantum Cryptography (PQC). These PQC schemes present new challenges due to their larger memory and computational footprints and their higher chance of latent vulnerabilities. In this work, we address these challenges by introducing a scheme to upgrade the digital signatures used by security keys to PQC. We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks. We experimentally show that our hybrid signature scheme can successfully execute on current security keys, even though secure PQC schemes are known to require substantial resources. We publish an open-source implementation of our scheme at https://github.com/google/OpenSK/releases/tag/hybrid-pqc so that other researchers can reproduce our results on a nRF52840 development kit