Computational Soundness for Dalvik Bytecode

Automatically analyzing information flow within Android applications that rely on cryptographic operations with their computational security guarantees imposes formidable challenges that existing approaches for understanding an app's behavior struggle to meet. These approaches do not distinguish cryptographic and non-cryptographic operations, and hence do not account for cryptographic protections: f(m) is considered sensitive for a sensitive message m irrespective of potential secrecy properties offered by a cryptographic operation f. These approaches consequently provide a safe approximation of the app's behavior, but they mistakenly classify a large fraction of apps as potentially insecure and consequently yield overly pessimistic results. In this paper, we show how cryptographic operations can be faithfully included into existing approaches for automated app analysis. To this end, we first show how cryptographic operations can be expressed as symbolic abstractions within the comprehensive Dalvik bytecode language. These abstractions are accessible to automated analysis, and they can be conveniently added to existing app analysis tools using minor changes in their semantics. Second, we show that our abstractions are faithful by providing the first computational soundness result for Dalvik bytecode, i.e., the absence of attacks against our symbolically abstracted program entails the absence of any attacks against a suitable cryptographic program realization. We cast our computational soundness result in the CoSP framework, which makes the result modular and composable.Comment: Technical report for the ACM CCS 2016 conference pape

Quantitative information flow under generic leakage functions and adaptive adversaries

We put forward a model of action-based randomization mechanisms to analyse quantitative information flow (QIF) under generic leakage functions, and under possibly adaptive adversaries. This model subsumes many of the QIF models proposed so far. Our main contributions include the following: (1) we identify mild general conditions on the leakage function under which it is possible to derive general and significant results on adaptive QIF; (2) we contrast the efficiency of adaptive and non-adaptive strategies, showing that the latter are as efficient as the former in terms of length up to an expansion factor bounded by the number of available actions; (3) we show that the maximum information leakage over strategies, given a finite time horizon, can be expressed in terms of a Bellman equation. This can be used to compute an optimal finite strategy recursively, by resorting to standard methods like backward induction.Comment: Revised and extended version of conference paper with the same title appeared in Proc. of FORTE 2014, LNC

Моделирование кинетики синтеза Фишера- Тропша на ультрадисперсном катализаторе

Large area pulsed laser deposition of alumina on stainless steel with Ar or Ar/O2 mixtures as processing gas in investigated using excimer laser radiation. The high area coveraging was achieved by a simultaneous movement of target and substrate in combination with the use of a certain power density distribution achieving a special angular distribution of the vapour/plasma plume. The chemical properties of the films were studied by X-ray photoelectron spectroscopy, and the morphology and uniformness by optical microscopy and ellipsometry

Texture analysis using volume-radius fractal dimension

Texture plays an important role in computer vision. It is one of the most important visual attributes used in image analysis, once it provides information about pixel organization at different regions of the image. This paper presents a novel approach for texture characterization, based on complexity analysis. The proposed approach expands the idea of the Mass-radius fractal dimension, a method originally developed for shape analysis, to a set of coordinates in 3D-space that represents the texture under analysis in a signature able to characterize efficiently different texture classes in terms of complexity. An experiment using images from the Brodatz album illustrates the method performance.Comment: 4 pages, 4 figure

Long term monitoring of bright TeV Blazars with the MAGIC telescope

The MAGIC telescope has performed long term monitoring observations of the bright TeV Blazars Mrk421, Mrk501 and 1ES1959+650. Up to 40 observations, 30 to 60 minutes each have been performed for each source evenly distributed over the observable period of the year. The sensitivity of MAGIC is sufficient to establish a flux level of 25% of the Crab flux for each measurement. These observations are well suited to trigger multiwavelength ToO observations and the overall collected data allow an unbiased study of the flaring statistics of the observed AGNs.Comment: 4 pages, 4 figures, to appear in the proceedings of the 30th International Cosmic Ray Conference, Merida, July 200

Composable security of delegated quantum computation

Delegating difficult computations to remote large computation facilities, with appropriate security guarantees, is a possible solution for the ever-growing needs of personal computing power. For delegated computation protocols to be usable in a larger context---or simply to securely run two protocols in parallel---the security definitions need to be composable. Here, we define composable security for delegated quantum computation. We distinguish between protocols which provide only blindness---the computation is hidden from the server---and those that are also verifiable---the client can check that it has received the correct result. We show that the composable security definition capturing both these notions can be reduced to a combination of several distinct "trace-distance-type" criteria---which are, individually, non-composable security definitions. Additionally, we study the security of some known delegated quantum computation protocols, including Broadbent, Fitzsimons and Kashefi's Universal Blind Quantum Computation protocol. Even though these protocols were originally proposed with insufficient security criteria, they turn out to still be secure given the stronger composable definitions.Comment: 37+9 pages, 13 figures. v3: minor changes, new references. v2: extended the reduction between composable and local security to include entangled inputs, substantially rewritten the introduction to the Abstract Cryptography (AC) framewor

Quantitative information flow, with a view

We put forward a general model intended for assessment of system security against passive eavesdroppers, both quantitatively ( how much information is leaked) and qualitatively ( what properties are leaked). To this purpose, we extend information hiding systems ( ihs ), a model where the secret-observable relation is represented as a noisy channel, with views : basically, partitions of the state-space. Given a view W and n independent observations of the system, one is interested in the probability that a Bayesian adversary wrongly predicts the class of W the underlying secret belongs to. We offer results that allow one to easily characterise the behaviour of this error probability as a function of the number of observations, in terms of the channel matrices defining the ihs and the view W . In particular, we provide expressions for the limit value as n → ∞, show by tight bounds that convergence is exponential, and also characterise the rate of convergence to predefined error thresholds. We then show a few instances of statistical attacks that can be assessed by a direct application of our model: attacks against modular exponentiation that exploit timing leaks, against anonymity in mix-nets and against privacy in sparse datasets