Climate-controlled root zone parameters show potential to improve water flux simulations by land surface models

The root zone storage capacity (Sr) is the maximum volume of water in the subsurface that can potentially be accessed by vegetation for transpiration. It influences the seasonality of transpiration as well as fast and slow runoff processes. Many studies have shown that Sr is heterogeneous as controlled by local climate conditions, which affect vegetation strategies in sizing their root system able to support plant growth and to prevent water shortages. Root zone parameterization in most land surface models does not account for this climate control on root development and is based on lookup tables that prescribe the same root zone parameters worldwide for each vegetation class. These lookup tables are obtained from measurements of rooting structure that are scarce and hardly representative of the ecosystem scale. The objective of this research is to quantify and evaluate the effects of a climate-controlled representation of Sr on the water fluxes modeled by the Hydrology Tiled ECMWF Scheme for Surface Exchanges over Land (HTESSEL) land surface model. Climate-controlled Sr is estimated here with the “memory method” (MM) in which Sr is derived from the vegetation's memory of past root zone water storage deficits. Sr,MM is estimated for 15 river catchments over Australia across three contrasting climate regions: tropical, temperate and Mediterranean. Suitable representations of Sr,MM are implemented in an improved version of HTESSEL (Moisture Depth – MD) by accordingly modifying the soil depths to obtain a model Sr,MD that matches Sr,MM in the 15 catchments. In the control version of HTESSEL (CTR), Sr,CTR is larger than Sr,MM in 14 out of 15 catchments. Furthermore, the variability among the individual catchments of Sr,MM (117–722 mm) is considerably larger than of Sr,CTR (491–725 mm). The climate-controlled representation of Sr in the MD version results in a significant and consistent improvement of the modeled monthly seasonal climatology (1975–2010) and interannual anomalies of river discharge compared with observations. However, the effects on biases in long-term annual mean river discharge are small and mixed. The modeled monthly seasonal climatology of the catchment discharge improved in MD compared to CTR: the correlation with observations increased significantly from 0.84 to 0.90 in tropical catchments, from 0.74 to 0.86 in temperate catchments and from 0.86 to 0.96 in Mediterranean catchments. Correspondingly, the correlations of the interannual discharge anomalies improve significantly in MD from 0.74 to 0.78 in tropical catchments, from 0.80 to 0.85 in temperate catchments and from 0.71 to 0.79 in Mediterranean catchments. The results indicate that the use of climate-controlled Sr,MM can significantly improve the timing of modeled discharge and, by extension, also evaporation fluxes in land surface models. On the other hand, the method has not been shown to significantly reduce long-term climatological model biases over the catchments considered for this study.</p

A novel hybrid password authentication scheme based on text and image

Considering the popularity and wide deployment of text passwords, we predict that they will be used as a prevalent authentication mechanism for many years to come. Thus, we have carried out studies on mechanisms to enhance text passwords. These studies suggest that password space and memorability should be improved, with an additional mechanism based on images. The combination of text and images increases resistance to some password attacks, such as brute force and observing attacks. We propose a hybrid authentication scheme integrating text and recognition-based graphical passwords. This authentication scheme can reduce the phishing attacks because if users are deceived to share their key passwords, there is still a chance to save the complete password as attackers do not know the users' image preferences. In addition to the security aspect, the proposed authentication scheme increases memorability as it does not require users to remember long and complex passwords. Thus, with the proposed scheme users will be able to create strong passwords without sacrificing usability. The hybrid scheme also offers an enjoyable sign-in/log-in experience to users

Influencing users towards better passwords: Persuasive cued click-points

Usable security has unique usability challenges because the need for security often means that standard human-computerinteraction approaches cannot be directly applied. An important usability goal for authentication systems is to support users in selecting better passwords, thus increasing security by expanding the effective password space. In click-based graphical passwords, poorly chosen passwords lead to the emergence of hotspots ' portions of the image where users are more likely to select click-points, allowing attackers to mount more successful dictionary attacks. We use persuasion to influence user choice in click-based graphical passwords, encouraging users to select more random, and hence more secure, click-points. Our approach is to introduce persuasion to the Cued Click-Points graphical password scheme (Chiasson, van Oorschot, Biddle, 2007). Our resulting scheme significantly reduces hotspots while still maintaining its usability

Prevalence of sensitization to the predatory mite Amblyseius cucumeris as a new occupational allergen in horticulture

Background: Protection against thrips, a common pest in bell pepper horticulture is effectively possible without pesticides by using the commercially available predatory mite Amblyseius cucumeris (Ac). The prevalence of sensitization to Ac among exposed greenhouse employees and its clinical relevance was studied. Methods: Four hundred and seventytwo employees were asked to fill in a questionnaire and were tested on location. Next to RAST, skin prick tests (SPTs) were performed with common inhalant allergens, the storage mite Tyrophagus putrescentiae (Tp) which serves as a temporary food source during the cultivation process and Ac. Furthermore, nasal challenge tests with Ac were carried out in 23 sensitized employees. Results: SPTs positive to Ac were found in 109 employees (23%). Work-related symptoms were reported by 76.1%. Sensitization to Tp was found in 62 employees of whom 48 were also sensitized to Ac. Immunoglobulin (Ig)E-mediated allergy to inhalant allergens appeared to be an important risk factor for sensitization to Ac. Employees with rhinitis symptoms showed a significantly higher response to all Ac doses during the nasal challenge test compared with employees without rhinitis symptoms. Conclusions: The predatory mite Ac is a new occupational allergen in horticulture which can cause an IgE-mediated allergy in exposed employees. It is biologically active on the mucous membranes of the nose and therefore clinically relevant for the development of work-related symptoms

Persuasive cued click-points: Design, implementation, and evaluation of a knowledge-based authentication mechanism

This paper presents an integrated evaluation of the Persuasive Cued Click-Points graphical password scheme, including usability and security evaluations, and implementation considerations. An important usability goal for knowledge-based authentication systems is to support users in selecting passwords of higher security, in the sense of being from an expanded effective security space. We use persuasion to influence user choice in click-based graphical passwords, encouraging users to select more random, and hence more difficult to guess, click-points

Hard Instances of the Constrained Discrete Logarithm Problem

The discrete logarithm problem (DLP) generalizes to the constrained DLP, where the secret exponent $x$ belongs to a set known to the attacker. The complexity of generic algorithms for solving the constrained DLP depends on the choice of the set. Motivated by cryptographic applications, we study sets with succinct representation for which the constrained DLP is hard. We draw on earlier results due to Erd\"os et al. and Schnorr, develop geometric tools such as generalized Menelaus' theorem for proving lower bounds on the complexity of the constrained DLP, and construct sets with succinct representation with provable non-trivial lower bounds

CROO: A universal infrastructure and protocol to detect identity fraud

Identity fraud (IDF) may be defined as unauthorized exploitation of credential information through the use of false identity. We propose CROO, a universal (i.e. generic) infrastructure and protocol to either prevent IDF (by detecting attempts thereof), or limit its consequences (by identifying cases of previously undetected IDF). CROO is a capture resilient one-time password scheme, whereby each user must carry a personal trusted device used to generate one-time passwords (OTPs) verified by online trusted parties. Multiple trusted parties may be used for increased scalability. OTPs can be used regardless of a transaction’s purpose (e.g. user authentication or financial payment), associated credentials, and online or on-site nature; this makes CROO a universal scheme. OTPs are not sent in cleartext; they are used as keys to compute MACs of hashed transaction information, in a manner allowing OTP-verifying parties to confirm that given user credentials (i.e. OTP-keyed MACs) correspond to claimed hashed transaction details. Hashing transaction details increases user privacy. Each OTP is generated from a PIN-encrypted non-verifiable key; this makes users’ devices resilient to off-line PIN-guessing attacks. CROO’s credentials can be formatted as existing user credentials (e.g. credit cards or driver’s licenses)

Quantum resource estimates for computing elliptic curve discrete logarithms

We give precise quantum resource estimates for Shor's algorithm to compute discrete logarithms on elliptic curves over prime fields. The estimates are derived from a simulation of a Toffoli gate network for controlled elliptic curve point addition, implemented within the framework of the quantum computing software tool suite LIQ$Ui|\rangle$. We determine circuit implementations for reversible modular arithmetic, including modular addition, multiplication and inversion, as well as reversible elliptic curve point addition. We conclude that elliptic curve discrete logarithms on an elliptic curve defined over an $n$-bit prime field can be computed on a quantum computer with at most $9n + 2\lceil\log_2(n)\rceil+10$ qubits using a quantum circuit of at most $448 n^3 \log_2(n) + 4090 n^3$ Toffoli gates. We are able to classically simulate the Toffoli networks corresponding to the controlled elliptic curve point addition as the core piece of Shor's algorithm for the NIST standard curves P-192, P-224, P-256, P-384 and P-521. Our approach allows gate-level comparisons to recent resource estimates for Shor's factoring algorithm. The results also support estimates given earlier by Proos and Zalka and indicate that, for current parameters at comparable classical security levels, the number of qubits required to tackle elliptic curves is less than for attacking RSA, suggesting that indeed ECC is an easier target than RSA.Comment: 24 pages, 2 tables, 11 figures. v2: typos fixed and reference added. ASIACRYPT 201