2,097 research outputs found
Venus cusp observations during 1969 - Synopsis of results
Asymptotic information leakage under one-try attacks
We study the asymptotic behaviour of (a) information leakage and (b) adversary’s error probability in information hiding systems modelled as noisy channels. Specifically, we assume the attacker can make a single guess after observing n independent executions of the system, throughout which the secret information is kept fixed. We show that the asymptotic behaviour of quantities (a) and (b) can be determined in a simple way from the channel matrix. Moreover, simple and tight bounds on them as functions of n show that the convergence is exponential. We also discuss feasible methods to evaluate the rate of convergence. Our results cover both the Bayesian case, where a prior probability distribution on the secrets is assumed known to the attacker, and the maximum-likelihood case, where the attacker does not know such distribution. In the Bayesian case, we identify the distributions that maximize the leakage. We consider both the min-entropy setting studied by Smith and the additive form recently proposed by Braun et al., and show the two forms do agree asymptotically. Next, we extend these results to a more sophisticated eavesdropping scenario, where the attacker can perform a (noisy) observation at each state of the computation and the systems are modelled as hidden Markov models
Performance of Solar-Assisted Modified-Open-Front Swine Nurseries
Performance data of two modified-open-front non-mechanically ventilated swine nurseries have shown that solar energy can be effectively utilized to maintain a productive environment within the animal space during cold weather (temperatures as low as -26 °C (-15 °F)). The nurseries feature a monoslope roof design and passive collector panels that also function as warm weather ventilation panels. An active solar-heating system uses a ground-level collector operated in conjunction with an in-floor solar heat distribution and storage system. The nurseries were designed to handle pigs weighing from 7 to 23 kg (15 to 50 lb). An average of 19% of the solar energy incident on the collector was transferred to the floor surface during the heating seasons from October 1980 to January 1982. Season heating costs were approximately 1.0% of the estimated cost to heat the nursery by conventional means
Quantitative information flow, with a view
We put forward a general model intended for assessment of system security against passive eavesdroppers, both quantitatively (how much information is leaked) and qualitatively (what properties are leaked). To this purpose, we extend information hiding systems (ihs), a model where the secret-observable relation is represented as a noisy channel, with views: basically, partitions of the state-space. Given a view W and n independent observations of the system, one is interested in the probability that a Bayesian adversary wrongly predicts the class of W the underlying secret belongs to. We offer results that allow one to easily characterise the behaviour of this error probability as a function of the number of observations, in terms of the channel matrices defining the ihs and the view W. In particular, we provide expressions for the limit value as n → ∞, show by tight bounds that convergence is exponential, and also characterise the rate of convergence to predefined error thresholds. We then show a few instances of statistical attacks that can be assessed by a direct application of our model: attacks against modular exponentiation that exploit timing leaks, against anonymity in mix-nets and against privacy in sparse datasets
System-level Non-interference for Constant-time Cryptography
Cache-based attacks are a class of side-channel attacks that are particularly effective in virtualized or cloud-based environments, where they have been used to recover secret keys from cryptographic implementations. One common approach to thwart cache-based attacks is to use constant-time implementations, i.e. which do not branch on secrets and do not perform memory accesses that depend on secrets. However, there is no rigorous proof that constant-time implementations are protected against concurrent cache-attacks in virtualization platforms with shared cache; moreover, many prominent implementations are not constant-time. An alternative approach is to rely on system-level mechanisms. One recent such mechanism is stealth memory, which provisions a small amount of private cache for programs to carry potentially leaking computations securely. Stealth memory induces a weak form of constant-time, called S-constant-time, which encompasses some widely used cryptographic implementations. However, there is no rigorous analysis of stealth memory and S-constant-time, and no tool support for checking if applications are S-constant-time. We propose a new information-flow analysis that checks if an x86 application executes in constant-time, or in S-constant-time. Moreover, we prove that constant-time (resp. S-constant-time) programs do not leak confidential information through the cache to other operating systems executing concurrently on virtualization platforms (resp. platforms supporting stealth memory). The soundness proofs are based on new theorems of independent interest, including isolation theorems for virtualization platforms (resp. platforms supporting stealth memory), and proofs that constant-time implementations (resp. S-constant-time implementations) are non-interfering with respect to a strict information flow policy which disallows that control flow and memory accesses depend on secrets.
We formalize our results using the Coq proof assistant and we demonstrate the effectiveness of our analyses on cryptographic implementations, including PolarSSL AES, DES and RC4, SHA256 and Salsa20
Generating entangled atom-photon pairs from Bose-Einstein condensates
We propose using spontaneous Raman scattering from an optically driven
Bose-Einstein condensate as a source of atom-photon pairs whose internal states
are maximally entangled. Generating entanglement between a particle which is
easily transmitted (the photon) and one which is easily trapped and coherently
manipulated (an ultracold atom) will prove useful for a variety of
quantum-information related applications. We analyze the type of entangled
states generated by spontaneous Raman scattering and construct a geometry which
results in maximum entanglement
CacheZoom: How SGX Amplifies The Power of Cache Attacks
In modern computing environments, hardware resources are commonly shared, and
parallel computation is widely used. Parallel tasks can cause privacy and
security problems if proper isolation is not enforced. Intel proposed SGX to
create a trusted execution environment within the processor. SGX relies on the
hardware, and claims runtime protection even if the OS and other software
components are malicious. However, SGX disregards side-channel attacks. We
introduce a powerful cache side-channel attack that provides system adversaries
a high resolution channel. Our attack tool named CacheZoom is able to virtually
track all memory accesses of SGX enclaves with high spatial and temporal
precision. As proof of concept, we demonstrate AES key recovery attacks on
commonly used implementations including those that were believed to be
resistant in previous scenarios. Our results show that SGX cannot protect
critical data sensitive computations, and efficient AES key recovery is
possible in a practical environment. In contrast to previous works which
require hundreds of measurements, this is the first cache side-channel attack
on a real system that can recover AES keys with a minimal number of
measurements. We can successfully recover AES keys from T-Table based
implementations with as few as ten measurements. Comment: Accepted at Conference on Cryptographic Hardware and Embedded Systems (CHES '17)
Social preferences, accountability, and wage bargaining
We assess the extent of preferences for employment in a collective wage bargaining situation with heterogeneous workers. We vary the size of the union and introduce a treatment mechanism transforming the voting game into an individual allocation task. Our results show that highly productive workers do not take employment of low productive workers into account when making wage proposals, regardless of whether insiders determine the wage or all workers. The level of pro-social preferences is small in the voting game, while it increases as the game is transformed into an individual allocation task. We interpret this as an accountability effect
The lifecycle of affirmative action policies and its effect on effort and sabotage behavior
A main goal of affirmative action (AA) policies is to enable disadvantaged groups to compete with their privileged counterparts. Existing theoretical and empirical research documents that incorporating AA can result in both more egalitarian outcomes and higher exerted efforts. However, the direct behavioral effects of the introduction and removal of such policies are still under-researched. It is also unclear how specific AA policy instruments, for instance, head-start for a disadvantaged group or handicap for the privileged group, affect behavior. We examine these questions in a laboratory experiment in which individuals participate in a real-effort tournament and can sabotage each other. We find that AA does not necessarily result in higher effort. High performers that already experienced an existing AA-free tournament reduce their effort levels after the introduction of the AA policy. There is less sabotage under AA when the tournament started directly with the AA regime. The removal of AA policies, however, significantly intensifies sabotage. Finally, there are no overall systematic differences between handicap and head-start in terms of effort provision or sabotaging behavior
Cache Based Power Analysis Attacks on AES
This paper describes possible attacks against software implementations of AES running on processors with cache mechanisms, particularly in the case of smart cards. These attacks are based on side-channel information gained by observing cache hits and misses in the current drawn by the smart card. Two different attacks are described. The first is a combination of ideas proposed in [2] and [11] to produce an attack that only requires the manipulation of the plain text and the observation of the current. The second is an attack based on specific implementations of the xtime function [10]. These attacks are shown to also work against algorithms using Boolean data masking techniques as a DPA countermeasure