Can I teach mathematics? A study of preservice teachers’ self-efficacy and mathematics anxiety
This paper presents two studies (qualitative and quantitative) with the shared goal of exploring preservice teachers’ (PSTs’) experiences of mathematics anxiety and self-efficacy for mathematics teaching. Findings indicate that PSTs experience high levels of mathematics anxiety, impacting current learning and preference for teaching the content, as well as the development of self-efficacy for teaching mathematics and conceptions of ideal teaching. Findings regarding anxiety (fear) of evaluation and concern about being able to inspire students in their future classrooms converged across studies
Elementary prospective teachers’ visions of moving beyond mathematics anxiety
Previous studies of prospective elementary mathematics teachers’ mathematics anxiety have documented that many prospective teachers often worry about managing their repeated experiences of anxiety while developing their pedagogical and content knowledge to teach mathematics. The literature further indicates the importance of developing learning opportunities for prospective teachers to confront their past experiences while they (re)learn and learn to teach mathematics during methods courses. This study is situated within one such learning opportunity and seeks to analyze potential mathematics anxiety coping strategies generated by forty-eight prospective elementary teachers enrolled in a mathematical methods course. Written responses generated by the prospective teachers were subjected to qualitative thematic analysis to identify patterns of key ideas related to lesson planning for content they felt anxious and/or not confident about teaching and patterns focused on episodes of mathematics anxiety they might experience in the moment of teaching mathematics. Findings indicate that prospective teachers envision using between two and seven strategies grouped across eight coping strategy themes when given the opportunity to reflect on how they might deal with future instances of anxiety when they are tasked with teaching mathematics to their students. We highlight how some of the coping strategies that the prospective teachers envisioned as a means to cope with mathematics anxiety may have more potential to be helpful than others and present implications of our research for mathematics teacher educators
From numbers to narratives: Preservice teachers experiences’ with mathematics anxiety and mathematics teaching anxiety
This paper presents qualitative and quantitative approaches to exploring teachers’ experiences of mathematics anxiety (for learning and doing mathematics) and mathematics teaching anxiety (for instructing others in mathematics), the relationship between these types of anxiety and test/evaluation anxiety, and the impacts of anxiety on experiences in teacher education. Findings indicate that mathematics anxiety and mathematics teaching anxiety may be similar (i.e., that preservice teachers perceive a logical continuity and cumulative effect of their experiences of mathematics anxiety as learners in K–12 classrooms that impacts their work as teachers in future K–12 classrooms). Further, anxiety is not limited to occurring in evaluative settings, but when anxiety is triggered by thoughts of evaluation, preservice teachers may be affected by worrying about their own as well as their students’ performances. The implications for preservice experiences within a teacher education program and for impacting future students are discussed
Key exchange with the help of a public ledger
Blockchains and other public ledger structures promise a new way to create
globally consistent event logs and other records. We make use of this
consistency property to detect and prevent man-in-the-middle attacks in a key
exchange such as Diffie-Hellman or ECDH. Essentially, the MitM attack creates
an inconsistency in the world views of the two honest parties, and they can
detect it with the help of the ledger. Thus, there is no need for prior
knowledge or trusted third parties apart from the distributed ledger. To
prevent impersonation attacks, we require user interaction. It appears that, in
some applications, the required user interaction is reduced in comparison to
other user-assisted key-exchange protocols
Threshold password-authenticated key exchange
Abstract. In most password-authenticated key exchange systems there is a single server storing password verification data. To provide some resilience against server compromise, this data typically takes the form of a one-way function of the password (and possibly a salt, or other public values), rather than the password itself. However, if the server is compromised, this password verification data can be used to perform an offline dictionary attack on the user’s password. In this paper we propose an efficient password-authenticated key exchange system involving a set of servers, in which a certain threshold of servers must participate in the authentication of a user, and in which the compromise of any fewer than that threshold of servers does not allow an attacker to perform an offline dictionary attack. We prove our system is secure in the random oracle model under the Decision Diffie-Hellman assumption against an attacker that may eavesdrop on, insert, delete, or modify messages between the user and servers, and that compromises fewer than that threshold of servers.
On the security of some password-based key agreement schemes
In this paper we show that two potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon's scheme, namely the first password-based key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suffer from one or both of these security vulnerabilities. We further show that other password-based key agreement mechanisms, including those in ISO/IEC FCD 11770-4 and IEEE P1363.2, also suffer from these two security vulnerabilities. Finally, we propose means to remove these security vulnerabilities
Childhood cancer and nuclear power plants in Switzerland: a census-based cohort study
Background Previous studies on childhood cancer and nuclear power plants (NPPs) produced conflicting results. We used a cohort approach to examine whether residence near NPPs was associated with leukaemia or any childhood cancer in Switzerland
An Offline Dictionary Attack Against zkPAKE Protocol
Password Authenticated Key Exchange (PAKE) allows a
user to establish a strong cryptographic key with a server,
using only knowledge of a pre-shared password. One of the
basic security requirements of PAKE is to prevent offline
dictionary attacks.
In this paper, we revisit zkPAKE, an augmented PAKE
that has been recently proposed by Mochetti, Resende, and
Aranha (SBSeg 2015). Our work shows that the zkPAKE
protocol is prone to offline password guessing attack, even
in the presence of an adversary that has only eavesdropping
capabilities. Therefore, zkPAKE is insecure and should not
be used as a password-authenticated key exchange mechanis
A method for making password-based key exchange resilient to server compromise
Abstract. This paper considers the problem of password-authenticated key exchange (PAKE) in a client-server setting, where the server authenticates using a stored password file, and it is desirable to maintain some degree of security even if the server is compromised. A PAKE scheme is said to be resilient to server compromise if an adversary who compromises the server must at least perform an offline dictionary attack to gain any advantage in impersonating a client. (Of course, offline dictionary attacks should be infeasible in the absence of server compromise.) One can see that this is the best security possible, since by definition the password file has enough information to allow one to play the role of the server, and thus to verify passwords in an offline dictionary attack. While some previous PAKE schemes have been proven resilient to server compromise, there was no known general technique to take an arbitrary PAKE scheme and make it provably resilient to server compromise. This paper presents a practical technique for doing so which requires essentially one extra round of communication and one signature computation/verification. We prove security in the universal composability framework by (1) defining a new functionality for PAKE with resilience to server compromise, (2) specifying a protocol combining this technique with a (basic) PAKE functionality, and (3) proving (in the random oracle model) that this protocol securely realizes the new functionality.
Making Password Authenticated Key Exchange Suitable For Resource-Constrained Industrial Control Devices
Connectivity becomes increasingly important also for small embedded systems such as typically found in industrial control installations. More and more use-cases require secure remote user access increasingly incorporating handheld based human machine interfaces, using wireless links such as Bluetooth. Correspondingly secure operator authentication becomes of utmost importance. Unfortunately, often passwords with all their well-known pitfalls remain the only practical mechanism.
We present an assessment of the security requirements for the industrial setting, illustrating that offline attacks on password-based authentication protocols should be considered a significant threat. Correspondingly use of a Password Authenticated Key Exchange protocol becomes desirable. We review the significant challenges faced for implementations on resource-constrained devices.
We explore the design space and show how we succeeded in tailoring a particular variant of the Password Authenticated Connection Establishment (PACE) protocol, such that acceptable user interface responsiveness was reached even for the constrained setting of an ARM Cortex-M0+ based Bluetooth low-energy transceiver running from a power budget of 1.5 mW without notable energy buffers for covering power peak transients