Lightweight usable cryptography: a usability evaluation of the Ascon 1.2 family

We present a usability study of the Ascon 1.2 family of cryptographic algorithms. As far as we know, this is the first published experimental evaluation aimed at a cryptographic design (i.e. not a specific API) with the purpose of informing which aspects to standardise. While the results show the general difficulty of choosing and applying cryptographic algorithms, there are some more specific insights. These include the possibility of confusing multiple variants, the relevance of small interfaces, and the desire for higher-level wrapper functions (e.g. for protocols). Overall, many questions are still open, including how usability could be integrated into the design and evaluation of cryptographic algorithms. Our main takeaway is that lightweight usable cryptography is an open research area that deserves greater focus. For the review of NISTIR 7977, the standardisation process of Ascon as a FIPS, and when exploring potential future SPs, the key criterion of usability should be based on realistic user testing and on triangulation from other methods.Comment: Lightweight Cryptography Workshop 2023. https://csrc.nist.gov/events/2023/lightweight-cryptography-workshop-202

A Case of Sesame Seeds: Growing and Nurturing Credentials in the Face of Mimicry

The purpose of this paper is to put the study of mimicry on the information security research map. Mimicry in humans has received little scholarly attention. Sociologist Diego Gambetta has constructed a framework that enables reasoning about episodes of mimicry based on trust in signs. By looking at the problem of phishing the applicability of this framework to problems of mimicry in information security system was tested. It was found that while the framework offers valuable insights, it needs to be updated since the assumptions that it makes do not hold in practice. A new framework is proposed, built on the core ideas of Gambetta’s framework, and extended with results from a literature study of phishing and other sources. This framework has been used for finding possible solutions to problems in web browser interface design. Because the nature of authentication was found to be the observation of discriminatory signals the paper also discusses the ethical issues surrounding the use of credentials. We hope that this paper will help system designers in finding and choosing appropriate credentials for authentication. By using the proposed framework a system can be analysed for the presence of credentials that enable the discrimination between genuine users and impostors. The framework can also serve as a method for identifying the dynamics behind user verification of credentials. The two problems that the framework can help address are the impersonation of providers and the impersonation of users. Like much other security research the results of this paper can be misused by attackers. It is expected that the framework will be more useful for defenders than attackers, as it is of an analytical nature, and cannot be used directly in any attacks. Since this study is of an exploratory nature the findings of the study need to be verified through research with greater validity. The paper contains directions for further research

Inflammatory Monocytes in Bipolar Disorder and Related Endocrine Autoimmune Diseases

Bipolar disorder (also called manic-depressive illness) is one of the major mood disorders. The term manic-depressive illness was introduced by Emil Kraepelin (1856-1926) in the late nineteenth century.1 It is in most patients a chronic illness with recurrent manic and depressive episodes, usually alternated with periods with normal mood between the episodes. A manic episode is characterised by an elevated, expansive or irritable mood which can be accompanied by a high self-esteem, decreased need of sleep, flight of ideas or racing thoughts, increased speech, distractibility, psychomotor agitation and excessive involvement in activities with painful consequences. A hypomanic episode meets the criteria for mania but is not associated with social or occupational impairment as is the case with a manic episode. A patient with a depressed episode has a depressed mood together with the possible following symptoms: sleep disturbances, psychomotor retardation or agitation, fatigue, feelings of worthlessness or guilt, impaired thinking or concentration, change of appetite or weight and suicidal thoughts.2, 3 With its manic episodes bipolar disorder differs from (unipolar) depression, which is characterized by one or more depressive episodes, but never a manic (or hypomanic) episode

Settling for less

In a well-functioning democracy voters should elect parties and representatives with whom they agree on policy issues. The current paper investigates the extent to which Dutch voters in the 2017 parliamentary election had accurate information about parties’ policy positions. We elicit the extent to which voters think they vote for parties with whom they maximally agree (subjective congruence) and the extent to which this is actually true (objective congruence). Results show voters in our sample to have accurate information about approximately half of the policy positions of a random large party. Only 21.5 percent voted for a party with whom they were maximally objectively congruent. Objective congruence does not increase with information accuracy. Voters appear to consciously accept losses in terms of subjective congruence, as only 34.7 percent votes for a party with whom they think to be maximally congruent. These results are compatible with the interpretation of voters first choosing a party, and then (to some degree) adapting their personal policy positions to those of the chosen party