The role of fingerprints in the coding of tactile information probed with a biomimetic sensor

In humans, the tactile perception of fine textures (spatial scale <200 micrometers) is mediated by skin vibrations generated as the finger scans the surface. To establish the relationship between texture characteristics and subcutaneous vibrations, a biomimetic tactile sensor has been designed whose dimensions match those of the fingertip. When the sensor surface is patterned with parallel ridges mimicking the fingerprints, the spectrum of vibrations elicited by randomly textured substrates is dominated by one frequency set by the ratio of the scanning speed to the interridge distance. For human touch, this frequency falls within the optimal range of sensitivity of Pacinian afferents, which mediate the coding of fine textures. Thus, fingerprints may perform spectral selection and amplification of tactile information that facilitate its processing by specific mechanoreceptors.Comment: 25 pages, 11 figures, article + supporting materia

Clustering effect in Simon and Simeck

SIMON and SIMECK are two lightweight block ciphers with a simple round function using only word rotations and a bit-wise AND operation. Previous work has shown a strong clustering effect for differential and linear cryptanalysis, due to the existence of many trails with the same inputs and outputs. In this paper, we explore this clustering effect by exhibiting a class of high probability differential and linear trails where the active bits stay in a fixed window of w bits. Instead of enumerating a set of good trails contributing to a differential or a linear approximation, we compute the probability distribution over this space, including all trails in the class. This results in stronger distinguishers than previously proposed, and we describe key recovery attacks against SIMON and SIMECK improving the previous results by u

Quantum linearization attacks

Recent works have shown that quantum period-finding can be used to break many popular constructions (some block ciphers such as Even-Mansour, multiple MACs and AEs...) in the superposition query model. So far, all the constructions broken exhibited a strong algebraic structure, which enables to craft a periodic function of a single input block. Recoverin

From Scattering Amplitudes to the Dilatation Generator in N=4 SYM

The complete spin chain representation of the planar N=4 SYM dilatation generator has long been known at one loop, where it involves leading nearest-neighbor 2 -> 2 interactions. In this work we use superconformal symmetry to derive the unique solution for the leading L -> 2 interactions of the planar dilatation generator for arbitrarily large L. We then propose that these interactions are given by the scattering operator that has N=4 SYM tree-level scattering amplitudes as matrix elements. We provide compelling evidence for this proposal, including explicit checks for L=2,3 and a proof of consistency with superconformal symmetry.Comment: 39 pages, v2: reference added and minor changes, published versio

Quantum Spectral Curve at Work: From Small Spin to Strong Coupling in N=4 SYM

We apply the recently proposed quantum spectral curve technique to the study of twist operators in planar N=4 SYM theory. We focus on the small spin expansion of anomalous dimensions in the sl(2) sector and compute its first two orders exactly for any value of the 't Hooft coupling. At leading order in the spin S we reproduced Basso's slope function. The next term of order S^2 structurally resembles the Beisert-Eden-Staudacher dressing phase and takes into account wrapping contributions. This expansion contains rich information about the spectrum of local operators at strong coupling. In particular, we found a new coefficient in the strong coupling expansion of the Konishi operator dimension and confirmed several previously known terms. We also obtained several new orders of the strong coupling expansion of the BFKL pomeron intercept. As a by-product we formulated a prescription for the correct analytical continuation in S which opens a way for deriving the BFKL regime of twist two anomalous dimensions from AdS/CFT integrability.Comment: 53 pages, references added; v3: due to a typo in the coefficients C_2 and D_2 on page 29 we corrected the rational part of the strong coupling predictions in equations (1.5-6), (6.22-24), (6.27-30) and in Table

Quark--anti-quark potential in N=4 SYM

We construct a closed system of equations describing the quark--anti-quark potential at any coupling in planar N=4 supersymmetric Yang-Mills theory. It is based on the Quantum Spectral Curve method supplemented with a novel type of asymptotics. We present a high precision numerical solution reproducing the classical and one-loop string predictions very accurately. We also analytically compute the first 7 nontrivial orders of the weak coupling expansion. Moreover, we study analytically the generalized quark--anti-quark potential in the limit of large imaginary twist to all orders in perturbation theory. We demonstrate how the QSC reduces in this case to a one-dimensional Schrodinger equation. In the process we establish a link between the Q-functions and the solution of the Bethe-Salpeter equation.Comment: 31 pages, 1 figure; v2: minor correcton

Internal symmetries and linear properties: Full-permutation distinguishers and improved collisions on Gimli

Gimli is a family of cryptographic primitives (both a hash function and an AEAD scheme) that has been selected for the second round of the NIST competition for standardizing new lightweight designs. The candidate Gimli is based on the permutation Gimli, which was presented at CHES 2017. In this paper, we study the security of both the permutation and the constructions that are based on it. We exploit the slow diffusion in Gimli and its internal symmetries to build, for the first time, a distinguisher on the full permutation of complexity 2^64. We also provide a practical distinguisher on 23 out of the full 24 rounds of Gimli that has been implemented. Next, we give (full state) collision and semi-free start collision attacks on Gimli-Hash, reaching, respectively, up to 12 and 18 rounds. On the practical side, we compute a collision on 8-round Gimli-Hash. In the quantum setting, these attacks reach 2 more rounds. Finally, we perform the first study of linear trails in Gimli, and we find a linear distinguisher on the full permutation

Cryptanalysis of MORUS

Item does not contain fulltextAdvances in Cryptology - ASIACRYPT 2018 - 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2-

New Attacks on the Concatenation and XOR Hash Combiners

We study the security of the concatenation combiner $H_1(M) \| H_2(M)$ for two independent iterated hash functions with $n$-bit outputs that are built using the Merkle-Damgård construction. In 2004 Joux showed that the concatenation combiner of hash functions with an $n$-bit internal state does not offer better collision and preimage resistance compared to a single strong $n$-bit hash function. On the other hand, the problem of devising second preimage attacks faster than $2^n$ against this combiner has remained open since 2005 when Kelsey and Schneier showed that a single Merkle-Damgård hash function does not offer optimal second preimage resistance for long messages. In this paper, we develop new algorithms for cryptanalysis of hash combiners and use them to devise the first second preimage attack on the concatenation combiner. The attack finds second preimages faster than $2^n$ for messages longer than $2^{2n/7}$ and has optimal complexity of $2^{3n/4}$. This shows that the concatenation of two Merkle-Damgård hash functions is not as strong a single ideal hash function. Our methods are also applicable to other well-studied combiners, and we use them to devise a new preimage attack with complexity of $2^{2n/3}$ on the XOR combiner $H_1(M) \oplus H_2(M)$ of two Merkle-Damgård hash functions. This improves upon the attack by Leurent and Wang (presented at Eurocrypt 2015) whose complexity is $2^{5n/6}$ (but unlike our attack is also applicable to HAIFA hash functions). Our algorithms exploit properties of random mappings generated by fixing the message block input to the compression functions of $H_1$ and $H_2$. Such random mappings have been widely used in cryptanalysis, but we exploit them in new ways to attack hash function combiners