Investigating power and fault analysis with specific application to bilinear pairings

The security of bilinear pairings against implementation attacks such as side channel and fault attacks is largely an uncharted area of research. Apart from one publication on the topic, coverage of this area is non-existent. Armed with the fact that the number of applications based on bilinear pairings is ever-increasing, the bilinear pairing algorithms themselves are constantly being enhanced and optimised such that they are commercially viable, and the fact that the current research on elliptic curve primitives is not applicable to bilinear pairings, makes this a vital topic for further investigation and analysis. This research aims to begin to fill this void. Along with addressing some of the more subtle aspects of implementation attacks, this research presents an investigation into the security of bilinear pairings against implementation attacks. Specifically, the process of performing the data analysis phase of a Side Channel Attack (SCA) is analysed. A theoretical fault attack on the Digital Signature Algorithm (DSA) is examined and implemented in practice. A number of candidate bilinear pairing algorithms are assessed for vulnerability to the SCA, first-order power analysis, which passively monitors the power consumption of a device. Furthermore, a number of candidate bilinear pairing algorithms are assessed for vulnerability to fault analysis, which seeks to actively disrupt the normal execution of an algorithm. Our principal results can be summarised as follows: We suggest computational improvements to the Differential Power Analysis (DPA) data analysis process, which can reduce the number of operations by up to 97%. We demonstrate how a theoretical attack on the DSA using lattice reduction can be executed in practice with the aid of a glitch attack. We propose a novel SCA technique to attack various finite field operations. This attack involves analysing the structural evolution of finite field operations and is based on Correlation Power Analysis (CPA), which is a form of first-order power analysis. We examine the Tate, Ate and nT pairing for vulnerability to first-order power analysis and discover that given certain parameter choice, the Tate and Ate pairing can provide options for minimising an attack, whereas the nT pairing provides no such options and can be attacked from all parameter positions. We investigate the existence of opportunistic faults on the Weil, Tate and nT pairing and discover two types of fault attacks that can be successfully applied to the Weil and n pairing to reveal the secret key. This weakness is attributed to the absence or simplicity of the final exponentiation employed, highlighting the fact that the final exponentiation is a vital operation in bilinear pairing computation and in particular adds a layer of protection to pairings. This fact is further compounded in the proof that the Tate pairing is immune to such fault attacks. Finally, we provide recommendations based on our findings for secure bilinear pairing implementation in terms of power and fault analysis

Characterizing a psychiatric symptom dimension related to deficits in goal-directed control.

Prominent theories suggest that compulsive behaviors, characteristic of obsessive-compulsive disorder and addiction, are driven by shared deficits in goal-directed control, which confers vulnerability for developing rigid habits. However, recent studies have shown that deficient goal-directed control accompanies several disorders, including those without an obvious compulsive element. Reasoning that this lack of clinical specificity might reflect broader issues with psychiatric diagnostic categories, we investigated whether a dimensional approach would better delineate the clinical manifestations of goal-directed deficits. Using large-scale online assessment of psychiatric symptoms and neurocognitive performance in two independent general-population samples, we found that deficits in goal-directed control were most strongly associated with a symptom dimension comprising compulsive behavior and intrusive thought. This association was highly specific when compared to other non-compulsive aspects of psychopathology. These data showcase a powerful new methodology and highlight the potential of a dimensional, biologically-grounded approach to psychiatry research.Funded by a Sir Henry Wellcome Postdoctoral Fellowship (101521/Z/12/Z) awarded to CM Gillan. Claire M Gillan: Wellcome Trust 101521/Z/12/Z Nathaniel D Daw: National Institute on Drug Abuse 1R01DA038891 Nathaniel D Daw: James S. McDonnell Foundation Scholar AwardThis is the final version of the article. It first appeared from eLife Sciences Publications via http://dx.doi.org/10.7554/eLife.1130

Mental Health Act, 2001 Toolkit

Toolkit on the Mental Health Act, 2001The School of Law, University College Cork, has developed a Mental Health Act, 2001 Toolkit in partnership with Mental Health Reform. When people with mental health difficulties are admitted to mental health units, either on a voluntary or involuntary basis, it is vital that user-friendly, accessible, information is available regarding human rights. Access to this information is essential for people with mental health difficulties, their family members, advocates, supporters and carers. The Mental Health Act, 2001 Toolkit will be published on Mental Health Reform's website and will include information on topics such as the following: What are the main human rights in Mental Health law? What is the Mental Health Act? Can I make an Advance Healthcare Directive? The Role and Rights of my Supporters / Family / Carers Approved Centres and What to Expect. My Rights as a' Voluntary Patient'. My Rights as an 'Involuntary Patient'. Mental Health Tribunals Explained. Complaints, Advocacy and Activism. The Toolkit will be a vital means of empowerment, enabling people to become educated about their rights, so that they can exercise and claim those rights. This aids fuller realisation of rights provided by the UN Convention on the Rights of Persons with Disabilities (CRPD), the Irish Constitution, and other human rights documents. The Toolkit was drafted in consultation with Mental Health Reform's member organisations, through a series of online and in-person consultation meetings. The meetings were attended by a wide variety of people, including people with lived experience of mental health difficulties, family members, staff and supporters of organisations. This project was funded by the Irish Research Council. The researcher was Darius Whelan and the Research Assistant was Claire Carroll. The co-ordinator from Mental Health Reform was Ber Grogan

A digital lifestyle behaviour change intervention for the prevention of type 2 diabetes:A qualitative study exploring intuitive engagement with real-time glucose and physical activity feedback

BACKGROUND: Mobile health technologies have advanced to now allow monitoring of the acute physiological responses to lifestyle behaviours. Our aim was to explore how people engaged with real-time feedback on their physical activity and glucose levels over several weeks. METHODS: Semi-structured interviews with 26 participants (61.5% female, 56.6 years) at moderate-to-high risk of developing type 2 diabetes were conducted. Interviews were completed after participants took part in an intervention comprising a flash glucose monitor (Freestyle Libre) and a physical activity monitor (Fitbit Charge 2). Purposive sampling ensured representation of ages, genders and group allocations. RESULTS: Inductive thematic analysis revealed how individuals intuitively used, interpreted and acted on feedback from wearable technologies. Six key themes emerged: triggers of engagement with the technologies, links between behaviour and health, lack of confidence, changes to movement behaviours, changes to diet and barriers to lifestyle behaviour change. CONCLUSIONS: Our findings demonstrate that accessing behavioural and physiological feedback can increase self-awareness of how lifestyle impacts short-term health. Some participants noticed a link between the feedback presented by the two devices and changed their behaviour but many did not. Training and educational support, as well as efforts to optimize how feedback is presented to users, are needed to sustain engagement and behaviour change. Extensions of this work to involve people with diabetes are also warranted to explore whether behavioural and physiological feedback in parallel can encourage better diabetes self-management. TRIAL REGISTRATION: ISRCTN Registry, ISRCTN17545949 , 12/05/2017, prospectively registered

Acetaldehyde Production by Rothia Mucilaginosa Isolates from Patients with Oral Leukoplakia.

Rothia mucilaginosa has been found at high abundance on oral leukoplakia (OLK). The ability of clinical isolates to produce acetaldehyde (ACH) from ethanol has not been investigated. The objective of the current study was to determine the capacity of R. mucilaginosa isolates recovered from OLK to generate ACH. Analysis of R. mucilaginosa genomes (n = 70) shows that this species does not normally encode acetaldehyde dehydrogenase (ALDH) required for detoxification of ACH. The predicted OLK metagenome also exhibited reduced ALDH coding capacity. We analysed ACH production in 8 isolates of R. mucilaginosa and showed that this species is capable of generating ACH in the presence of ethanol. The levels of ACH produced (mean = 53 µM) were comparable to those produced by Neisseria mucosa and Candida albicansin parallel assays. These levels were demonstrated to induce oxidative stress in cultured oral keratinocytes. This study shows that R. mucilaginosa can generate ACH from ethanol in vitro at levels which can induce oxidative stress. This organism likely contributes to oral ACH levels following alcohol consumption and the significance of the increased abundance of R. mucilaginosa in patients with potentially malignant disorders requires further investigation

COS-Speech: Protocol to develop a core outcome set for dysarthria after stroke for use in clinical practice and research

BACKGROUND: Dysarthria after stroke is when speech intelligibility is impaired, and this occurs in half of all stroke survivors. Dysarthria often leads to social isolation, poor psychological well-being and can prevent return to work and social lives. Currently, a variety of outcome measures are used in clinical research and practice when monitoring recovery for people who have dysarthria. When research studies use different measures, it is impossible to compare results from trials and delays our understanding of effective clinical treatments. The aim of this study is to develop a core outcome set (COS) to agree what aspects of speech recovery should be measured for dysarthria after stroke (COS-Speech) in research and clinical practice. METHODS: The COS-Speech study will include five steps: (1) development of a long list of possible outcome domains of speech that should be measured to guide the survey; (2) recruitment to the COS-Speech study of three key stakeholder groups in the UK and Australia: stroke survivors, communication researchers and speech and language therapists/pathologists; (3) two rounds of the Delphi survey process; (4) a consensus meeting to agree the speech outcomes to be measured and a follow-up consensus meeting to match existing instruments/measures (from parallel systematic review) to the agreed COS-Speech; (5) dissemination of COS-Speech. DISCUSSION: There is currently no COS for dysarthria after stroke for research trials or clinical practice. The findings from this research study will be a minimum COS, for use in all dysarthria research studies and clinical practice looking at post-stroke recovery of speech. These findings will be widely disseminated using professional and patient networks, research and clinical forums as well as using a variety of academic papers, videos, accessible writing such as blogs and links on social media. TRIAL REGISTRATION: COS-Speech is registered with the Core Outcome Measures in Effectiveness Trials (COMET) database, October 2021 https://www.comet-initiative.org/Studies/Details/1959. In addition, “A systematic review of the psychometric properties and clinical utility of instruments measuring dysarthria after stroke” will inform the consensus meeting to match measures to COS-Speech. The protocol for the systematic reviews registered with the International Prospective Register of Systematic Reviews. PROSPERO registration number: CRD42022302998. SUPPLEMENTARY INFORMATION: The online version contains supplementary material available at 10.1186/s13063-022-06958-7

Distinguishing multiplications from squaring operations

Abstract. In this paper we present a new approach to attacking a modular exponentiation and scalar multiplication based by distinguishing multiplications from squaring operations using the instantaneous power consumption. Previous approaches have been able to distinguish these operations based on information of the specific implementation of the embedded algorithm or the relationship between specific plaintexts. The proposed attack exploits the expected Hamming weight of the result of the computed operations. We extrapolate our observations and assess the consequences for elliptic curve cryptosystems when unified formulae for point addition are used

The Sorcerer’s Apprentice Guide to Fault Attacks

The effect of faults on electronic systems has been studied since the 1970s when it was noticed that radioactive particles caused errors in chips. This led to further research on the effect of charged particles on silicon, motivated by the aerospace industry who was becoming concerned about the effect of faults in airborn electronic systems. Since then various mechanisms for fault creation and propagation have been discovered and researched. This paper covers the various methods that can be used to induce faults in semiconductors and exploit such errors maliciously. Several examples of attacks stemming from the exploiting of faults are explained. Finally a series of countermeasures to thwart these attacks are described

Is the abundance of Faecalibacterium prausnitzii relevant to Crohn's disease?

Reports that bacteria within the Firmicutes phylum, especially the species Faecalibacterium prausnitzii, are less abundant in Crohn’s disease (CD) patients and supernatants from cultures of this bacterium are anti-inflammatory prompted the investigation of the possible correlations between the abundance of F.prausnitzii and the response to treatment in patients with gut diseases and healthy controls. In a randomized, double-blind trial, faeces were collected from healthy volunteers, and from patients with active CD, ulcerative colitis (UC) and irritable bowel syndrome before and after treatment. The levels of F. prausnitzii DNA in faecal suspensions were determined by PCR. Treatment by an elemental diet was effective, resulting in decreases in both the Harvey and Bradshaw index (P<0.001) and the concentrations of serum C-reactive protein (P<0.05). The total levels of F. prausnitzii in faecal samples from CD patients at presentation were lower than those in the other groups both before and after the treatment. There was no correlation between F. prausnitzii abundance and the severity of CD before treatment. Clinical improvement unexpectedly correlated with a significant decrease in the abundance of F. prausnitzii, especially the A2-165 subgroup (P<0.05). Our data suggest that a paucity of F. prausnitzii in the gastrointestinal microbial communities is likely to be a minor aetiological factor in CD: recovery following elemental diet is attributed to lower levels of gut flora

All-or-Nothing Transforms as a Countermeasure to Differential Side-Channel Analysis

All-or-Nothing Encryption was introduced by Rivest as a countermeasure to brute force key search attacks. This work identifies a new application for All-or-Nothing Transforms, as a protocol-level countermeasure to Differential Side-Channel Analysis (DSCA). We describe an extension to the All-or-Nothing protocol, that strengthens the DCSA resistance of the cryptosystem. The resultant scheme is a practical alternative to Boolean and arithmetic masking, used to protect implementations of encryption and decryption operations on electronic devices