Decryption Failure Attacks on Post-Quantum Cryptography

This dissertation discusses mainly new cryptanalytical results related to issues of securely implementing the next generation of asymmetric cryptography, or Public-Key Cryptography (PKC).PKC, as it has been deployed until today, depends heavily on the integer factorization and the discrete logarithm problems.Unfortunately, it has been well-known since the mid-90s, that these mathematical problems can be solved due to Peter Shor's algorithm for quantum computers, which achieves the answers in polynomial time.The recently accelerated pace of R&D towards quantum computers, eventually of sufficient size and power to threaten cryptography, has led the crypto research community towards a major shift of focus.A project towards standardization of Post-quantum Cryptography (PQC) was launched by the US-based standardization organization, NIST. PQC is the name given to algorithms designed for running on classical hardware/software whilst being resistant to attacks from quantum computers.PQC is well suited for replacing the current asymmetric schemes.A primary motivation for the project is to guide publicly available research toward the singular goal of finding weaknesses in the proposed next generation of PKC.For public key encryption (PKE) or digital signature (DS) schemes to be considered secure they must be shown to rely heavily on well-known mathematical problems with theoretical proofs of security under established models, such as indistinguishability under chosen ciphertext attack (IND-CCA).Also, they must withstand serious attack attempts by well-renowned cryptographers both concerning theoretical security and the actual software/hardware instantiations.It is well-known that security models, such as IND-CCA, are not designed to capture the intricacies of inner-state leakages.Such leakages are named side-channels, which is currently a major topic of interest in the NIST PQC project.This dissertation focuses on two things, in general:1) how does the low but non-zero probability of decryption failures affect the cryptanalysis of these new PQC candidates?And 2) how might side-channel vulnerabilities inadvertently be introduced when going from theory to the practice of software/hardware implementations?Of main concern are PQC algorithms based on lattice theory and coding theory.The primary contributions are the discovery of novel decryption failure side-channel attacks, improvements on existing attacks, an alternative implementation to a part of a PQC scheme, and some more theoretical cryptanalytical results

Erioderma pedicellatum : an ecophysiological study of a globally threatened pioneer lichen on thin spruce branches in old forests

Lichen extinction occurs at a fast rate due to human activity, and species yet to be discovered are likely go extinct every year. Many species close to extinction may still be rescued by conservation management based on an understanding of species-specific habitat requirements and physiological responses. Erioderma pedicellatum is close to extinction and only known at a few sites world-wide. To prevent this species from going extinct, we need to know its ecophysiological responses and why it is rare. At its last remaining site in Europe, Tegningfallet in Norway, a spatially restricted population of 1500-2000 thalli dominate the epiphytic vegetation in a few Picea abies trees in a canyon with a waterfall. Microclimatic conditions at the site show that E. pedicellatum demands high-light conditions in combination with high relative humidity and relatively cool temperatures. It further requires unusually high pH branches of Picea abies. Erioderma pedicellatum has a high CO2 and O2-uptake under suitable conditions, experiences suprasaturation depression of photosynthesis at high water contents, and its growth rate was reduced with increasing thallus size. Too humid conditions appeared harmful for the species. Erioderma pedicellatum tolerates desiccation in combination with light well, but the population at Tegningfallet is shaded from direct sun light during the entire winter. Optimum temperature range for photosynthesis occurred at 10-15 °C, temperatures ≥25 °C significantly reduced carbon gain. Morphology and functional hydration traits significantly differed between the Tegningfallet and Newfoundland populations, in line with the different hydration sources in these two habitats. Understanding why and how E. pedicellatum can exist at a site such as Tegningfallet is essential for understanding how we can prevent this species from going extinct, and the presented results should encourage new management action plans and further research at the other remaining sites of the species. Methods used in this thesis could also be applicable for ecological understanding of other lichen species at risk of extinction.M-N

The Dirichlet Super-p-Branes in Ten-Dimensional Type IIA and IIB Supergravity

We give the full supersymmetric and kappa-symmetric actions for the Dirichlet p-branes, including their coupling to background superfields of ten-dimensional type IIA and IIB supergravity.Comment: 24 pages, plain TeX. Replacement corrects text positioning in automatically generated postscript fil

Multi-kilowatt single-mode ytterbium-doped large-core fiber laser

We have demonstrated a highly efficient cladding-pumped ytterbium-doped fiber laser, generating >2.1 kW of continuous-wave output power at 1.1 µm with 74% slope efficiency with respect to launched pump power. The beam quality factor (M2) was better than 1.2. The maximum output power was only limited by available pump power, showing no evidence of roll-over even at the highest output power. We present data on how the beam quality depends on the fiber parameter, based on our current and past fiber laser developments. We also discuss the ultimate power-capability of our fiber in terms of thermal management, Raman nonlinear scattering, and material damage, and estimate it to 10 k

Simulation of the forming and assembling process of sheet metal assembly

A sheet metal assembly must meet functional, manufacturing, and sometimes also esthetical requirements. The properties of the assembly are to a large extent affected by the manufacturing process, i.e. the forming processes of the sheet metal components and the subsequent assembling sub-processes. It is of a great industrial interest to be able to predict the properties of the assembly at an early design stage. This paper presents a methodology, based on Finite Element simulations, which makes it possible to accurately predict the properties of a sheet metal assembly. Each forming process of the individual components is simulated, and all properties affected by the forming process are included in the subsequent simulations of the assembling process. Thus, this methodology makes it possible to optimize both the functional properties of the assembly and also its manufacturing process considering all mechanical effects introduced by the individual manufacturing processes. A case study of a semi-industrial assembly has been conducted and the simulation results agree well to experimental data

Preferential centrality as a multi-regional model for spatial interaction and urban agglomeration

Understanding how transportation networks affect regional development has been a long-standing challenge for modellers in several disciplines, both in research and practice. Approaches span between light-weight accessibility and centrality models, to data-heavy land use-transport interaction models. Centrality models have been increasingly employed to support spatial planning on the city-scale, where such techniques are attractive due to their low requirements of socio-economic and demographic data, while they also maintain representations of essential features such as accessibility. However, it has been less clear if such approaches can be successfully extended from the urban to the regional scale. In this paper we demonstrate how a recently introduced centrality measure – preferential centrality – can be used as a modelling framework on the multi-regional scale, while retaining high intra-urban spatial resolution. Centrality is calculated on a zonal level, with local plot characteristics and network travel times as input. Preferential centrality is calculated similarly to Google PageRank and eigenvector centrality, but with preferential growth as an additional component that represents local agglomeration processes. To examine the explanatory power of this approach, we compare computed centrality with empirical land taxation values, using the southern half of Sweden as a case study area. Using a static accessibility model as benchmark, we find that the preferential model has a higher capacity to reproduce empirical patterns, with regard to geographical correlations as well as for probability distributions. Our findings suggest that preferential centrality analysis can have practical value in urban and regional planning contexts, for example when assessing the geographical distribution of impacts from transport infrastructure investments

Critical examination of cohesive-zone models in the theory of dynamic fracture

We have examined a class of cohesive-zone models of dynamic mode-I fracture, looking both at steady-state crack propagation and its stability against out-of-plane perturbations. Our work is an extension of that of Ching, Langer, and Nakanishi (CLN) (Phys. Rev. E, vol. 53, no. 3, p. 2864 (1996)), who studied a non-dissipative version of this model and reported strong instability at all non-zero crack speeds. We have reformulated the CLN theory and have discovered, surprisingly, that their model is mathematically ill-posed. In an attempt to correct this difficulty and to construct models that might exhibit realistic behavior, we have extended the CLN analysis to include dissipative mechanisms within the cohesive zone. We have succeeded to some extent in finding mathematically well posed systems; and we even have found a class of models for which a transition from stability to instability may occur at a nonzero crack speed via a Hopf bifurcation at a finite wavelength of the applied perturbation. However, our general conclusion is that these cohesive-zone models are inherently unsatisfactory for use in dynamical studies. They are extremely difficult mathematically, and they seem to be highly sensitive to details that ought to be physically unimportant.Comment: 19 pages, REVTeX 3.1, epsf.sty, also available at http://itp.ucsb.edu/~lobkovs