Guesswork
The security of systems is often predicated on a user or application selecting an object, a password
or key, from a large list. If an inquisitor wishing to identify the object in order to gain access to a
system can only query each possibility, one at a time, then the number of guesses they must make in
order to identify the selected object is likely to be large. If the object is selected uniformly at random
using, for example, a cryptographically secure pseudo-random number generator, then the analysis of
the distribution of the number of guesses that the inquisitor must make is trivial.
If the object has not been selected perfectly uniformly, but with a distribution that is known to the
inquisitor, then the quantification of security is relatively involved. This thesis contains contributions
to the study of this subject, dubbed Guesswork, motivated both by fundamental investigations into
computational security as well as modern applications in secure storage and communication.
This thesis begins with two introductory chapters. One describes existing results in Guesswork and
summarizes the contributions found in the thesis. The other recapitulates some of the mathematical
tools that are employed in the thesis. The other five chapters contain new contributions to our
understanding of Guesswork, much of which has already experienced peer review and been published.
The chapters themselves are designed to be self-contained and so readable in isolation.
Guessing a password over a wireless channel (on the effect of noise non-uniformity)
A string is sent over a noisy channel that erases some of its characters.
Knowing the statistical properties of the string's source and which characters
were erased, a listener that is equipped with an ability to test the veracity
of a string, one string at a time, wishes to fill in the missing pieces. Here
we characterize the influence of the stochastic properties of both the string's
source and the noise on the channel on the distribution of the number of
attempts required to identify the string, its guesswork. In particular, we
establish that the average noise on the channel is not a determining factor for
the average guesswork and illustrate simple settings where one recipient with,
on average, a better channel than another recipient, has higher average
guesswork. These results stand in contrast to those for the capacity of wiretap
channels and suggest the use of techniques such as friendly jamming with
pseudo-random sequences to exploit this guesswork behavior.
Comment: Asilomar Conference on Signals, Systems & Computers, 201
Guesswork, large deviations and Shannon entropy
How hard is it to guess a password? Massey showed
that a simple function of the Shannon entropy of the distribution
from which the password is selected is a lower bound on the
expected number of guesses, but one which is not tight in general.
In a series of subsequent papers under ever less restrictive
stochastic assumptions, an asymptotic relationship as password
length grows between scaled moments of the guesswork and
specific Rényi entropy was identified.
Here we show that, when appropriately scaled, as the password
length grows the logarithm of the guesswork satisfies a Large
Deviation Principle (LDP), providing direct estimates of the
guesswork distribution when passwords are long. The rate function
governing the LDP possesses a specific, restrictive form that
encapsulates underlying structure in the nature of guesswork.
Returning to Massey’s original observation, a corollary to the
LDP shows that expectation of the logarithm of the guesswork is
the specific Shannon entropy of the password selection process.
Hiding Symbols and Functions: New Metrics and Constructions for Information-Theoretic Security
We present information-theoretic definitions and results for analyzing
symmetric-key encryption schemes beyond the perfect secrecy regime, i.e. when
perfect secrecy is not attained. We adopt two lines of analysis, one based on
lossless source coding, and another akin to rate-distortion theory. We start by
presenting a new information-theoretic metric for security, called symbol
secrecy, and derive associated fundamental bounds. We then introduce
list-source codes (LSCs), which are a general framework for mapping a key
length (entropy) to a list size that an eavesdropper has to resolve in order to
recover a secret message. We provide explicit constructions of LSCs, and
demonstrate that, when the source is uniformly distributed, the highest level
of symbol secrecy for a fixed key length can be achieved through a construction
based on minimum-distance separable (MDS) codes. Using an analysis related to
rate-distortion theory, we then show how symbol secrecy can be used to
determine the probability that an eavesdropper correctly reconstructs functions
of the original plaintext. We illustrate how these bounds can be applied to
characterize security properties of symmetric-key encryption schemes, and, in
particular, extend security claims based on symbol secrecy to a functional
setting.
Comment: Submitted to IEEE Transactions on Information Theory
Lists that are smaller than their parts: A coding approach to tunable secrecy
We present a new information-theoretic definition and associated results,
based on list decoding in a source coding setting. We begin by presenting
list-source codes, which naturally map a key length (entropy) to list size. We
then show that such codes can be analyzed in the context of a novel
information-theoretic metric, ε-symbol secrecy, that encompasses both
the one-time pad and traditional rate-based asymptotic metrics, but, like most
cryptographic constructs, can be applied in non-asymptotic settings. We derive
fundamental bounds for ε-symbol secrecy and demonstrate how these bounds
can be achieved with MDS codes when the source is uniformly distributed. We
discuss applications and implementation issues of our codes.
Comment: Allerton 2012, 8 pages
Bounds on inference
Lower bounds for the average probability of error of estimating a hidden
variable X given an observation of a correlated random variable Y, and Fano's
inequality in particular, play a central role in information theory. In this
paper, we present a lower bound for the average estimation error based on the
marginal distribution of X and the principal inertias of the joint distribution
matrix of X and Y. Furthermore, we discuss an information measure based on the
sum of the largest principal inertias, called k-correlation, which generalizes
maximal correlation. We show that k-correlation satisfies the Data Processing
Inequality and is convex in the conditional distribution of Y given X. Finally,
we investigate how to answer a fundamental question in inference and privacy:
given an observation Y, can we estimate a function f(X) of the hidden random
variable X with an average error below a certain threshold? We provide a
general method for answering this question using an approach based on
rate-distortion theory.
Comment: Allerton 2013 with extended proof, 10 pages
Strangelet dwarfs
If the surface tension of quark matter is low enough, quark matter is not
self bound. At sufficiently low pressure and temperature, it will take the form
of a crystal of positively charged strangelets in a neutralizing background of
electrons. In this case there will exist, in addition to the usual family of
strange stars, a family of low-mass large-radius objects analogous to white
dwarfs, which we call "strangelet dwarfs". Using a generic parametrization of
the equation of state of quark matter, we calculate the mass-radius
relationship of these objects.
Comment: 10 pages, LaTeX, added discussion of CFL phase and strangelet
pollution, version to appear in journal. arXiv admin note: text overlap with
arXiv:0808.067
Genome-wide high-throughput screening to investigate essential genes involved in methicillin-resistant Staphylococcus aureus Sequence Type 398 survival.
Livestock-associated methicillin-resistant Staphylococcus aureus (LA-MRSA) Sequence Type 398 (ST398) is an opportunistic pathogen that is able to colonize and cause disease in several animal species including humans. To better understand the adaptation, evolution, transmission and pathogenic capacity, further investigations into the importance of the different genes harboured by LA-MRSA ST398 are required. In this study we generated a genome-wide transposon mutant library in an LA-MRSA ST398 isolate to evaluate genes important for bacterial survival in laboratory and host-specific environments. The transposon mutant library consisted of approximately 1 million mutants with around 140,000 unique insertion sites and an average number of unique inserts per gene of 44.8. We identified LA-MRSA ST398 essential genes comparable to other high-throughput S. aureus essential gene studies. As ST398 is the most common MRSA isolated from pigs, the transposon mutant library was screened in whole porcine blood. Twenty-four genes were specifically identified as important for bacterial survival in porcine blood. Mutations in 23 of these genes resulted in attenuated bacterial fitness. Seven of the 23 genes were of unknown function, whereas 16 genes were annotated with functions predominantly related to carbon metabolism, pH shock and a variety of regulations and only indirectly to virulence factors. Mutations in one gene of unknown function resulted in a hypercompetitive mutant. Further evaluation of these genes is required to determine their specific relevance in blood survival.
This work was funded in part by the Danish Ministry of Food, Agriculture and Fisheries (Grant no. 3304-FVFP-09-F-002-1) and The Technical University of Denmark. This is the final published version distributed under a Creative Commons Attribution License, which can also be found on the publisher's website at: http://www.plosone.org/article/info%3Adoi%2F10.1371%2Fjournal.pone.008901