A security protocol for authentication of binding updates in Mobile IPv6.

Wireless communication technologies have come along way, improving with every generational leap. As communications evolve so do the system architectures, models and paradigms. Improvements have been seen in the jump from 2G to 3G networks in terms of security. Yet these issues persist and will continue to plague mobile communications into the leap towards 4G networks if not addressed. 4G will be based on the transmission of Internet packets only, using an architecture known as mobile IP. This will feature many advantages, however security is still a fundamental issue to be resolved. One particular security issue involves the route optimisation technique, which deals with binding updates. This allows the corresponding node to by-pass the home agent router to communicate directly with the mobile node. There are a variety of security vulnerabilities with binding updates, which include the interception of data packets, which would allow an attacker to eavesdrop on its contents, breaching the users confidentiality, or to modify transmitted packets for the attackers own malicious purposes. Other possible vulnerabilities with mobile IP include address spoofing, redirection and denial of service attacks. For many of these attacks, all the attacker needs to know is the IPv6 addresses of the mobile’s home agent and the corresponding node. There are a variety of security solutions to prevent these attacks from occurring. Two of the main solutions are cryptography and authentication. Cryptography allows the transmitted data to be scrambled in an undecipherable way resulting in any intercepted packets being illegible to the attacker. Only the party possessing the relevant key will be able to decrypt the message. Authentication is the process of verifying the identity of the user or device one is in communication with. Different authentication architectures exist however many of them rely on a central server to verify the users, resulting in a possible single point of attack. Decentralised authentication mechanisms would be more appropriate for the nature of mobile IP and several protocols are discussed. However they all posses’ flaws, whether they be overly resource intensive or give away vital address data, which can be used to mount an attack. As a result location privacy is investigated in a possible attempt at hiding this sensitive data. Finally, a security solution is proposed to address the security vulnerabilities found in binding updates and attempts to overcome the weaknesses of the examined security solutions. The security protocol proposed in this research involves three new security techniques. The first is a combined solution using Cryptographically Generated Addresses and Return Routability, which are already established solutions, and then introduces a new authentication procedure, to create the Distributed Authentication Protocol to aid with privacy, integrity and authentication. The second is an enhancement to Return Routability called Dual Identity Return Routability, which provides location verification authentication for multiple identities on the same device. The third security technique is called Mobile Home Agents, which provides device and user authentication while introducing location privacy and optimised communication routing. All three security techniques can be used together or individually and each needs to be passed before the binding update is accepted. Cryptographically Generated Addresses asserts the users ownership of the IPv6 address by generating the interface identifier by computing a cryptographic one-way hash function from the users’ public key and auxiliary parameters. The binding between the public key and the address can be verified by recomputing the hash value and by comparing the hash with the interface identifier. This method proves ownership of the address, however it does not prove the address is reachable. After establishing address ownership, Return Routability would then send two security tokens to the mobile node, one directly and one via the home agent. The mobile node would then combine them together to create an encryption key called the binding key allowing the binding update to be sent securely to the correspondent node. This technique provides a validation to the mobile nodes’ location and proves its ownership of the home agent. Return Routability provides a test to verify that the node is reachable. It does not verify that the IPv6 address is owned by the user. This method is combined with Cryptographically Generated Addresses to provide best of both worlds. The third aspect of the first security solution introduces a decentralised authentication mechanism. The correspondent requests the authentication data from both the mobile node and home agent. The mobile sends the data in plain text, which could be encrypted with the binding key and the home agent sends a hash of the data. The correspondent then converts the data so both are hashes and compares them. If they are the same, authentication is successful. This provides device and user authentication which when combined with Cryptographically Generated Addresses and Return Routability create a robust security solution called the Distributed Authentication Protocol. The second new technique was designed to provide an enhancement to a current security solution. Dual Identity Return Routability builds on the concept of Return Routability by providing two Mobile IPv6 addresses on a mobile device, giving the user two separate identities. After establishing address ownership with Cryptographically Generated Addresses, Dual Identity Return Routability would then send security data to both identities, each on a separate network and each having heir own home agents, and the mobile node would then combine them together to create the binding key allowing the binding update to be sent securely to the correspondent node. This technique provides protection against address spoofing as an attacker needs two separate ip addresses, which are linked together. Spoofing only a single address will not pass this security solution. One drawback of the security techniques described, however, is that none of them provide location privacy to hide the users IP address from attackers. An attacker cannot mount a direct attack if the user is invisible. The third new security solution designed is Mobile Home Agents. These are software agents, which provide location privacy to the mobile node by acting as a proxy between it and the network. The Mobile Home Agent resides on the point of attachment and migrates to a new point of attachment at the same time as the mobile node. This provides reduced latency communication and a secure environment for the mobile node. These solutions can be used separately or combined together to form a super security solution, which is demonstrated in this thesis and attempts to provide proof of address ownership, reachability, user and device authentication, location privacy and reduction in communication latency. All these security features are design to protect against one the most devastating attacks in Mobile IPv6, the false binding update, which can allow an attacker to impersonate and deny service to the mobile node by redirecting all data packets to itself. The solutions are all simulated with different scenarios and network configurations and with a variety of attacks, which attempt to send a false binding update to the correspondent node. The results were then collected and analysed to provide conclusive proof that the proposed solutions are effective and robust in protecting against the false binding updates creating a safe and secure network for all

The Imia Islets: A Beginning To The Maritime Delimitation Of The Aegean Sea Dispute

Since the fall of the Ottoman Empire, Greece and Turkey have each been vying for territory within their common waters in the Aegean Sea. For over five decades, the two governments have contested the territorial sovereignty of the two rocky islets of Imia, the delimitation of the continental shelf and the territorial sea, and whether the continental shelf is a natural prolongation of Greece or Turkey’s mainland coast. Not surprisingly then, the two countries have disagreed on where to draw the respective border in the Aegean Sea and, perhaps more fundamentally, on the application of certain practices under international law. The Aegean Sea is itself unique being 400 miles long and 200 miles wide, with thousands of islands scattered throughout it. Of particular importance are the Imia rocks and islets, which are scattered approximately 4 miles off Turkey’s west mainland coast, in the southeast Aegean Sea, and are also approximately 2.3 nautical miles from the Turkish island of Cavus. The islets are approximately 6 nautical miles east of the Greek island of Kalymnos, 1.9 miles southeast of the Greek island of Kalolimnos, and 1 mile west of the boundary that divides the Greek and Turkish territorial sea. Being so close to Greek and Turkish territories, the islands are at the center of the Greek-Turkish dispute. This Article will examine possible maritime and airspace delimitations through the application of international law, including customary law and bi- and multi-lateral conventions. Part II begins with a brief discussion of the historical background that has shaped Greek- Turkish relations and led to the present-day dispute. Part III analyzes whether Turkey is bound by the provisions of the United Nations Convention on the Law of the Sea, and Part IV proposes delimitations of the maritime zones, while specifically discussing the Imia islets and whether they are juridical islands capable of generating any maritime zones. Part V provides possible territorial sea delimitations to the entire Aegean Sea, while Part VI discusses the relation between the territorial sea regime and the airspace above it. Lastly, Part VII outlines methods to delimit the continental shelf and exclusive economic zone areas in the entire Aegean Sea before concluding with a discussion on various dispute resolution methods that Greece and Turkey may consider to resolve their long-standing issues in the Aegean

Introducing mobile home agents into the distributed authentication protocol to achieve location privacy in mobile IPv6

Mobile IPv6 will be the basis for the fourth generation 4G networks which will completely revolutionize the way telecommunication devices operate. This paradigm shift will occur due to the sole use of packed switching networks. Mobile IPv6 utilizes binding updates as a route optimization to reduced triangle routing between the mobile node, the home agent and the correspondent node, allowing direct communication between the mobile node and the correspondent. However, direct communication between the nodes produces a range of security vulnerabilities, which the home agent avoided. This paper attempts to provide the advantages of using the home agent as an intermediary whilst reducing the latency of triangle routing. This can be achieved with the proposed use of a mobile home agent which essentially follows the mobile node as it moves between points of attachment providing location privacy and pseudo-direct communication, which can be incorporated into the distributed authentication protocol or be used as a stand alone solution

Cavity QED with high-Q whispering gallery modes

We report measurements of cavity-QED effects for the radiative coupling of atoms in a dilute vapor to the external evanescent field of a whispering-gallery mode (WGM) in a fused silica microsphere. The high Q (5 x 10^(7)), small mode volume (10^(-8) cm^(3)), and unusual symmetry of the microcavity evanescent field enable velocity-selective interactions between fields with photon number of order unity in the WGM and (N) over bar(T) similar to 1 atoms in the surrounding vapor

Nonlinear interactions with an ultrahigh flux of broadband entangled photons

We experimentally demonstrate sum-frequency generation (SFG) with entangled photon-pairs, generating as many as 40,000 SFG photons per second, visible even to the naked eye. The nonclassical nature of the interaction is exhibited by a linear intensity-dependence of the nonlinear process. The key element in our scheme is the generation of an ultrahigh flux of entangled photons while maintaining their nonclassical properties. This is made possible by generating the down-converted photons as broadband as possible, orders of magnitude wider than the pump. This approach is readily applicable for other nonlinear interactions, and may be applicable for various quantum-measurement tasks.Comment: 4 pages, 2 figures, Accepted to Phys. Rev. Let

Delta-like and gtl2 are reciprocally expressed, differentially methylated linked imprinted genes on mouse chromosome 12

AbstractThe distal portion of mouse chromosome 12 is imprinted. To date, however, Gtl2 is the only imprinted gene identified on chromosome 12. Gtl2 encodes multiple alternatively spliced transcripts with no apparent open reading frame. Using conceptuses with maternal or paternal uniparental disomy for chromosome 12 (UPD12), we found that Gtl2 is expressed from the maternal allele and methylated at the 5′ end of the silent paternal allele. A reciprocally imprinted gene, Delta-like (Dlk), with homology to genes involved in the Notch signalling pathway was identified 80kb upstream of Gtl2. Dlk was expressed exclusively from the paternal allele in both the embryo and placenta, but the CpG-island promoter of Dlk was completely unmethylated on both parental alleles. Rather, a paternally methylated region was identified in the last exon of the active Dlk allele. The proximity, reciprocal imprinting and methylation in this domain are reminiscent of the co-ordinately regulated Igf2–H19 imprinted domain on mouse chromosome 7. Like H19 and Igf2, Gtl2 and Dlk were found to be co-expressed in the same tissues throughout development, though not after birth. These results have implications for the regulation, function and evolution of imprinted domains

Multi-scaled analysis of the damped dynamics of an elastic rod with an essentially nonlinear end attachment

We study multi-frequency transitions in the transient dynamics of a viscously damped dispersive finite rod with an essentially nonlinear end attachment. The attachment consists of a small mass connected to the rod by means of an essentially nonlinear stiffness in parallel to a viscous damper. First, the periodic orbits of the underlying hamiltonian system with no damping are computed, and depicted in a frequency–energy plot (FEP). This representation enables one to clearly distinguish between the different types of periodic motions, forming back bone curves and subharmonic tongues. Then the damped dynamics of the system is computed; the rod and attachment responses are initially analyzed by the numerical Morlet wavelet transform (WT), and then by the empirical mode decomposition (EMD) or Hilbert–Huang transform (HTT), whereby, the time series are decomposed in terms of intrinsic mode functions (IMFs) at different characteristic time scales (or, equivalently, frequency scales). Comparisons of the evolutions of the instantaneous frequencies of the IMFs to the WT spectra of the time series enables one to identify the dominant IMFs of the signals, as well as, the time scales at which the dominant dynamics evolve at different time windows of the responses; hence, it is possible to reconstruct complex transient responses as superposition of the dominant IMFs involving different time scales of the dynamical response. Moreover, by superimposing the WT spectra and the instantaneous frequencies of the IMFs to the FEPs of the underlying hamiltonian system, one is able to clearly identify the multi-scaled transitions that occur in the transient damped dynamics, and to interpret them as ‘jumps’ between different branches of periodic orbits of the underlying hamiltonian system. As a result, this work develops a physics-based, multi-scaled framework and provides the necessary computational tools for multi-scaled analysis of complex multi-frequency transitions of essentially nonlinear dynamical systems

Assessing the acoustic behaviour of Anopheles gambiae (s.l.) dsxF mutants: implications for vector control

BACKGROUND: Release of gene-drive mutants to suppress Anopheles mosquito reproduction is a promising method of malaria control. However, many scientific, regulatory and ethical questions remain before transgenic mosquitoes can be utilised in the field. At a behavioural level, gene-drive carrying mutants should be at least as sexually attractive as the wildtype populations they compete against, with a key element of Anopheles copulation being acoustic courtship. We analysed sound emissions and acoustic preference in a doublesex mutant previously used to collapse Anopheles gambiae (s.l.) cages. METHODS: Anopheles rely on flight tones produced by the beating of their wings for acoustic mating communication. We assessed the impact of disrupting a female-specific isoform of the doublesex gene (dsxF) on the wing beat frequency (WBF; measured as flight tone) of males (XY) and females (XX) in homozygous dsxF- mutants (dsxF-/-), heterozygous dsxF- carriers (dsxF+/-) and G3 dsxF+ controls (dsxF+/+). To exclude non-genetic influences, we controlled for temperature and wing length. We used a phonotaxis assay to test the acoustic preferences of mutant and control mosquitoes. RESULTS: A previous study showed an altered phenotype only for dsxF-/- females, who appear intersex, suggesting that the female-specific dsxF allele is haplosufficient. We identified significant, dose-dependent increases in the WBF of both dsxF-/- and dsxF+/- females compared to dsxF+/+ females. All female WBFs remained significantly lower than male equivalents, though. Males showed stronger phonotactic responses to the WBFs of control dsxF+/+ females than to those of dsxF+/- and dsxF-/- females. We found no evidence of phonotaxis in any female genotype. No male genotypes displayed any deviations from controls. CONCLUSIONS: A prerequisite for anopheline copulation is the phonotactic attraction of males towards female flight tones within mating swarms. Reductions in mutant acoustic attractiveness diminish their mating efficiency and thus the efficacy of population control efforts. Caged population assessments may not successfully reproduce natural mating scenarios. We propose to amend existing testing protocols to better reflect competition between mutants and target populations. Our findings confirm that dsxF disruption has no effect on males; for some phenotypic traits, such as female WBFs, the effects of dsxF appear dose-dependent rather than haplosufficient

Teleportation of continuous quantum variables

A particularly startling discovery by Bennett et al. is the possibility for teleportation of a quantum state, whereby an unknown state of a spin-1/2 particle is transported by Alice from a sending station to Bob at a receiving terminal by conveying 2 bits of classical information. Beyond the context of dichotomic variables, Vaidman has analyzed teleportation of the wave function of a one-dimensional particle in a beautiful variation of the original EPR paradox. Here we extend Vaidman's analysis to incorporate finite (nonsingular) degrees of correlation among the relevant particles