Design and Analysis of Cryptographic Algorithms for Authentication

During the previous decades, the upcoming demand for security in the digital world, e.g., the Internet, lead to numerous groundbreaking research topics in the field of cryptography. This thesis focuses on the design and analysis of cryptographic primitives and schemes to be used for authentication of data and communication endpoints, i.e., users. It is structured into three parts, where we present the first freely scalable multi-block-length block-cipher-based compression function (Counter-bDM) in the first part. The presented design is accompanied by a thorough security analysis regarding its preimage and collision security. The second and major part is devoted to password hashing. It is motivated by the large amount of leaked password during the last years and our discovery of side-channel attacks on scrypt – the first modern password scrambler that allowed to parameterize the amount of memory required to compute a password hash. After summarizing which properties we expect from a modern password scrambler, we (1) describe a cache-timing attack on scrypt based on its password-dependent memory-access pattern and (2) outline an additional attack vector – garbage-collector attacks – that exploits optimization which may disregard to overwrite the internally used memory. Based on our observations, we introduce Catena – the first memory-demanding password-scrambling framework that allows a password-independent memory-access pattern for resistance to the aforementioned attacks. Catena was submitted to the Password Hashing Competition (PHC) and, after two years of rigorous analysis, ended up as a finalist gaining special recognition for its agile framework approach and side-channel resistance. We provide six instances of Catena suitable for a variety of applications. We close the second part of this thesis with an overview of modern password scramblers regarding their functional, security, and general properties; supported by a brief analysis of their resistance to garbage-collector attacks. The third part of this thesis is dedicated to the integrity (authenticity of data) of nonce-based authenticated encryption schemes (NAE). We introduce the so-called j-IV-Collision Attack, allowing to obtain an upper bound for an adversary that is provided with a first successful forgery and tries to efficiently compute j additional forgeries for a particular NAE scheme (in short: reforgeability). Additionally, we introduce the corresponding security notion j-INT-CTXT and provide a comparative analysis (regarding j-INT-CTXT security) of the third-round submission to the CAESAR competition and the four classical and widely used NAE schemes CWC, CCM, EAX, and GCM.Die fortschreitende Digitalisierung in den letzten Jahrzehnten hat dazu geführt, dass sich das Forschungsfeld der Kryptographie bedeutsam weiterentwickelt hat. Diese, im Wesentlichen aus drei Teilen bestehende Dissertation, widmet sich dem Design und der Analyse von kryptographischen Primitiven und Modi zur Authentifizierung von Daten und Kommunikationspartnern. Der erste Teil beschäftigt sich dabei mit blockchiffrenbasierten Kompressionsfunktionen, die in ressourcenbeschränkten Anwendungsbereichen eine wichtige Rolle spielen. Im Rahmen dieser Arbeit präsentieren wir die erste frei skalierbare und sichere blockchiffrenbasierte Kompressionsfunktion Counter-bDM und erweitern somit flexibel die erreichbare Sicherheit solcher Konstruktionen. Der zweite Teil und wichtigste Teil dieser Dissertation widmet sich Passwort-Hashing-Verfahren. Zum einen ist dieser motiviert durch die große Anzahl von Angriffen auf Passwortdatenbanken großer Internet-Unternehmen. Zum anderen bot die Password Hashing Competition (PHC) die Möglichkeit, unter Aufmerksamkeit der Expertengemeinschaft die Sicherheit bestehender Verfahren zu hinterfragen, sowie neue sichere Verfahren zu entwerfen. Im Rahmen des zweiten Teils entwarfen wir Anforderungen an moderne Passwort-Hashing-Verfahren und beschreiben drei Arten von Seitenkanal-Angriffen (Cache-Timing-, Weak Garbage-Collector- und Garbage-Collector-Angriffe) auf scrypt – das erste moderne Password-Hashing-Verfahren welches erlaubte, den benötigten Speicheraufwand zur Berechnung eines Passworthashes frei zu wählen. Basierend auf unseren Beobachtungen und Angriffen, stellen wir das erste moderne PasswordHashing-Framework Catena vor, welches für gewählte Instanzen passwortunabhängige Speicherzugriffe und somit Sicherheit gegen oben genannte Angriffe garantiert. Catena erlangte im Rahmen des PHC-Wettbewerbs besondere Anerkennung für seine Agilität und Resistenz gegen SeitenkanalAngriffe. Wir präsentieren sechs Instanzen des Frameworks, welche für eine Vielzahl von Anwendungen geeignet sind. Abgerundet wird der zweite Teil dieser Arbeit mit einem vergleichenden Überblick von modernen Passwort-Hashing-Verfahren hinsichtlich ihrer funktionalen, sicherheitstechnischen und allgemeinen Eigenschaften. Dieser Vergleich wird unterstützt durch eine kurze Analyse bezüglich ihrer Resistenz gegen (Weak) Garbage-Collector-Angriffe. Der dritte teil dieser Arbeit widmet sich der Integrität von Daten, genauer, der Sicherheit sogenannter Nonce-basierten authentisierten Verschlüsselungsverfahren (NAE-Verfahren), welche ebenso wie Passwort-Hashing-Verfahren in der heutigen Sicherheitsinfrastruktur des Internets eine wichtige Rolle spielen. Während Standard-Definitionen keine Sicherheit nach dem Fund einer ersten erfolgreich gefälschten Nachricht betrachten, erweitern wir die Sicherheitsanforderungen dahingehend wie schwer es ist, weitere Fälschungen zu ermitteln. Wir abstrahieren die Funktionsweise von NAEVerfahren in Klassen, analysieren diese systematisch und klassifizieren die Dritt-Runden-Kandidaten des CAESAR-Wettbewerbs, sowie vier weit verbreitete NAE-Verfahren CWC, CCM, EAX und GCM

Clinical implications of having reduced mid forced expiratory flow rates (FEF25-75), independently of FEV1, in adult patients with asthma

INTRODUCTION:FEF25-75 is one of the standard results provided in spirometry reports; however, in adult asthmatics there is limited information on how this physiological measure relates to clinical or biological outcomes independently of the FEV1 or the FEV1/FVC ratio. PURPOSE:To determine the association between Hankinson's percent-predicted FEF25-75 (FEF25-75%) levels with changes in healthcare utilization, respiratory symptom frequency, and biomarkers of distal airway inflammation. METHODS:In participants enrolled in the Severe Asthma Research Program 1-2, we compared outcomes across FEF25-75% quartiles. Multivariable analyses were done to avoid confounding by demographic characteristics, FEV1, and the FEV1/FVC ratio. In a sensitivity analysis, we also compared outcomes across participants with FEF25-75% below the lower limit of normal (LLN) and FEV1/FVC above LLN. RESULTS:Subjects in the lowest FEF25-75% quartile had greater rates of healthcare utilization and higher exhaled nitric oxide and sputum eosinophils. In multivariable analysis, being in the lowest FEF25-75% quartile remained significantly associated with nocturnal symptoms (OR 3.0 [95%CI 1.3-6.9]), persistent symptoms (OR 3.3 [95%CI 1-11], ICU admission for asthma (3.7 [1.3-10.8]) and blood eosinophil % (0.18 [0.07, 0.29]). In the sensitivity analysis, those with FEF25-75% <LLN had significantly more nocturnal and persistent symptoms, emergency room visits, higher serum eosinophil levels and increased methacholine responsiveness. CONCLUSIONS:After controlling for demographic variables, FEV1 and FEV1/FVC, a reduced FEF25-75% is independently associated with previous ICU admission, persistent symptoms, nocturnal symptoms, blood eosinophilia and bronchial hyperreactivity. This suggests that in some asthmatics, a reduced FEF25-75% is an independent biomarker for more severe asthma

Smoking in asthma is associated with elevated levels of corticosteroid resistant sputum cytokines—an exploratory study

&lt;p&gt;Background: Current cigarette smoking is associated with reduced acute responses to corticosteroids and worse clinical outcomes in stable chronic asthma. The mechanism by which current smoking promotes this altered behavior is currently unclear. Whilst cytokines can induce corticosteroid insensitivity in-vitro, how current and former smoking affects airway cytokine concentrations and their responses to oral corticosteroids in stable chronic asthma is unclear.&lt;/p&gt; &lt;p&gt;Objectives: To examine blood and sputum cytokine concentrations in never, ex and current smokers with asthma before and after oral corticosteroids.&lt;/p&gt; &lt;p&gt;Methods: Exploratory study utilizing two weeks of oral dexamethasone (equivalent to 40 mg/day prednisolone) in 22 current, 21 never and 10 ex-smokers with asthma. Induced sputum supernatant and plasma was obtained before and after oral dexamethasone. 25 cytokines were measured by multiplex microbead system (Invitrogen, UK) on a Luminex platform.&lt;/p&gt; &lt;p&gt;Results: Smokers with asthma had elevated sputum cytokine interleukin (IL) -6, -7, and -12 concentrations compared to never smokers with asthma. Few sputum cytokine concentrations changed in response to dexamethasone IL-17 and IFNα increased in smokers, CCL4 increased in never smokers and CCL5 and CXCL10 reduced in ex-smokers with asthma. Ex-smokers with asthma appeared to have evidence of an ongoing corticosteroid resistant elevation of cytokines despite smoking cessation. Several plasma cytokines were lower in smokers wi&lt;/p&gt; &lt;p&gt;Conclusion: Cigarette smoking in asthma is associated with a corticosteroid insensitive increase in multiple airway cytokines. Distinct airway cytokine profiles are present in current smokers and never smokers with asthma and could provide an explanatory mechanism for the altered clinical behavior observed in smokers with asthma.&lt;/p&gt

Novel role for the innate immune receptor toll-like receptor 4 (TLR4) in the regulation of the wnt signaling pathway and photoreceptor apoptosis

Recent evidence has implicated innate immunity in regulating neuronal survival in the brain during stroke and other neurodegenerations. Photoreceptors are specialized light-detecting neurons in the retina that are essential for vision. In this study, we investigated the role of the innate immunity receptor TLR4 in photoreceptors. TLR4 activation by lipopolysaccharide (LPS) significantly reduced the survival of cultured mouse photoreceptors exposed to oxidative stress. With respect to mechanism, TLR4 suppressed Wnt signaling, decreased phosphorylation and activation of the Wnt receptor LRP6, and blocked the protective effect of the Wnt3a ligand. Paradoxically, TLR4 activation prior to oxidative injury protected photoreceptors, in a phenomenon known as preconditioning. Expression of TNFα and its receptors TNFR1 and TNFR2 decreased during preconditioning, and preconditioning was mimicked by TNFα antagonists, but was independent of Wnt signaling. Therefore, TLR4 is a novel regulator of photoreceptor survival that acts through the Wnt and TNFα pathways. © 2012 Yi et al

Risk assessment for the spread of Serratia marcescens within dental-unit waterline systems using Vermamoeba vermiformis

Vermamoeba vermiformis is associated with the biofilm ecology of dental-unit waterlines (DUWLs). This study investigated whether V. vermiformis is able to act as a vector for potentially pathogenic bacteria and so aid their dispersal within DUWL systems. Clinical dental water was initially examined for Legionella species by inoculating it onto Legionella selective-medium plates. The molecular identity/profile of the glassy colonies obtained indicated none of these isolates were Legionella species. During this work bacterial colonies were identified as a non-pigmented Serratia marcescens. As the water was from a clinical DUWL which had been treated with Alpron™ this prompted the question as to whether S. marcescens had developed resistance to the biocide. Exposure to Alpron™ indicated that this dental biocide was effective, under laboratory conditions, against S. marcescens at up to 1x108 colony forming units/millilitre (cfu/ml). V. vermiformis was cultured for eight weeks on cells of S. marcescens and Escherichia coli. Subsequent electron microscopy showed that V. vermiformis grew equally well on S. marcescens and E. coli (p = 0.0001). Failure to detect the presence of S. marcescens within the encysted amoebae suggests that V. vermiformis is unlikely to act as a vector supporting the growth of this newly isolated, nosocomial bacterium

Remote Manipulation of Droplets on a Flexible Magnetically Responsive Film

The manipulation of droplets is used in a wide range of applications, from lab-on-a-chip devices to bioinspired functional surfaces. Although a variety of droplet manipulation techniques have been proposed, active, fast and reversible manipulation of pure discrete droplets remains elusive due to the technical limitations of previous techniques. Here, we describe a novel technique that enables active, fast, precise and reversible control over the position and motion of a pure discrete droplet with only a permanent magnet by utilizing a magnetically responsive flexible film possessing actuating hierarchical pillars on the surface. This magnetically responsive surface shows reliable actuating capabilities with immediate field responses and maximum tilting angles of ???90??. Furthermore, the magnetic responsive film exhibits superhydrophobicity regardless of tilting angles of the actuating pillars. Using this magnetically responsive film, we demonstrate active and reversible manipulation of droplets with a remote magnetic force.open0

Clinical patterns in asthma based on proximal and distal airway nitric oxide categories

<p>Abstract</p> <p>Background</p> <p>The exhaled nitric oxide (eNO) signal is a marker of inflammation, and can be partitioned into proximal [J'aw_NO(nl/s), maximum airway flux] and distal contributions [CA_NO(ppb), distal airway/alveolar NO concentration]. We hypothesized that J'aw_NOand CA_NOare selectively elevated in asthmatics, permitting identification of four inflammatory categories with distinct clinical features.</p> <p>Methods</p> <p>In 200 consecutive children with asthma, and 21 non-asthmatic, non-atopic controls, we measured baseline spirometry, bronchodilator response, asthma control and morbidity, atopic status, use of inhaled corticosteroids, and eNO at multiple flows (50, 100, and 200 ml/s) in a cross-sectional study design. A trumpet-shaped axial diffusion model of NO exchange was used to characterize J'aw_NOand CA_NO.</p> <p>Results</p> <p>J'aw_NOwas not correlated with CA_NO, and thus asthmatic subjects were grouped into four eNO categories based on upper limit thresholds of non-asthmatics for J'aw_NO(≥ 1.5 nl/s) and CA_NO(≥ 2.3 ppb): Type I (normal J'aw_NOand CA_NO), Type II (elevated J'aw_NOand normal CA_NO), Type III (elevated J'aw_NOand CA_NO) and Type IV (normal J'aw_NOand elevated CA_NO). The rate of inhaled corticosteroid use (lowest in Type III) and atopy (highest in Type II) varied significantly amongst the categories influencing J'aw_NO, but was not related to CA_NO, asthma control or morbidity. All categories demonstrated normal to near-normal baseline spirometry; however, only eNO categories with increased CA_NO(III and IV) had significantly worse asthma control and morbidity when compared to categories I and II.</p> <p>Conclusions</p> <p>J'aw_NOand CA_NOreveal inflammatory categories in children with asthma that have distinct clinical features including sensitivity to inhaled corticosteroids and atopy. Only categories with increase CA_NOwere related to poor asthma control and morbidity independent of baseline spirometry, bronchodilator response, atopic status, or use of inhaled corticosteroids.</p

Impact of Age and Sex on Outcomes and Hospital Cost of Acute Asthma in the United States, 2011-2012

Background Worldwide, asthma is a leading cause of morbidity, mortality and economic burden, with significant gender and racial disparities. However, little attention has been given to the independent role of age on lifetime asthma severity and hospitalization. We aimed to assess the effect of age, gender, race and ethnicity on indicators of asthma severity including asthma related hospitalization, mortality, hospital cost, and the rate of respiratory failure. Methods We analyzed the 2011 and 2012 Healthcare Cost and Utilization Project- National Inpatient Sample (NIS). We validated and extended those results using the National Heart, Lung, and Blood Institute-Severe Asthma Research Program (SARP; 2002-2011) database. Severe asthma was prospectively defined using the stringent American Thoracic Society (ATS) definition. Results Hospitalization for asthma was reported in 372,685 encounters in 2012 and 368,528 in 2011. The yearly aggregate cost exceeded $2 billion. There were distinct bimodal distributions for hospitalization age, with an initial peak at 5 years and a second at 50 years. Likewise, this bimodal age distribution of patients with severe asthma was identified using SARP. Males comprised the majority of individuals in the first peak, but women in the second. Aggregate hospital cost mirrored the bimodal peak distribution. The probability of respiratory failure increased with age until the age of 60, after which it continued to increase in men, but not in women. Conclusions Severe asthma is primarily a disease of young boys and middle age women. Greater understanding of the biology of lung aging and influence of sex hormones will allow us to plan for targeted interventions during these times in order to reduce the personal and societal burdens of asthma

Search for a Technicolor omega_T Particle in Events with a Photon and a b-quark Jet at CDF

If the Technicolor omega_T particle exists, a likely decay mode is omega_T -> gamma pi_T, followed by pi_T -> bb-bar, yielding the signature gamma bb-bar. We have searched 85 pb^-1 of data collected by the CDF experiment at the Fermilab Tevatron for events with a photon and two jets, where one of the jets must contain a secondary vertex implying the presence of a b quark. We find no excess of events above standard model expectations. We express the result of an exclusion region in the M_omega_T - M_pi_T mass plane.Comment: 14 pages, 2 figures. Available from the CDF server (PS with figs): http://www-cdf.fnal.gov/physics/pub98/cdf4674_omega_t_prl_4.ps FERMILAB-PUB-98/321-