The scaling limit of the incipient infinite cluster in high-dimensional percolation. II. Integrated super-Brownian excursion

For independent nearest-neighbour bond percolation on Z^d with d >> 6, we prove that the incipient infinite cluster's two-point function and three-point function converge to those of integrated super-Brownian excursion (ISE) in the scaling limit. The proof is based on an extension of the new expansion for percolation derived in a previous paper, and involves treating the magnetic field as a complex variable. A special case of our result for the two-point function implies that the probability that the cluster of the origin consists of n sites, at the critical point, is given by a multiple of n^{-3/2}, plus an error term of order n^{-3/2-\epsilon} with \epsilon >0. This is a strong statement that the critical exponent delta is given by delta =2.Comment: 56 pages, 3 Postscript figures, in AMS-LaTeX, with graphicx, epic, and xr package

On three-manifolds dominated by circle bundles

We determine which three-manifolds are dominated by products. The result is that a closed, oriented, connected three-manifold is dominated by a product if and only if it is finitely covered either by a product or by a connected sum of copies of the product of the two-sphere and the circle. This characterization can also be formulated in terms of Thurston geometries, or in terms of purely algebraic properties of the fundamental group. We also determine which three-manifolds are dominated by non-trivial circle bundles, and which three-manifold groups are presentable by products.Comment: 12 pages; to appear in Math. Zeitschrift; ISSN 1103-467

Practical Low Data-Complexity Subspace-Trail Cryptanalysis of Round-Reduced PRINCE

Subspace trail cryptanalysis is a very recent new cryptanalysis technique, and includes differential, truncated differential, impossible differential, and integral attacks as special cases. In this paper, we consider PRINCE, a widely analyzed block cipher proposed in 2012. After the identification of a 2.5 rounds subspace trail of PRINCE, we present several (truncated differential) attacks up to 6 rounds of PRINCE. This includes a very practical attack with the lowest data complexity of only 8 plaintexts for 4 rounds, which co-won the final round of the PRINCE challenge in the 4-round chosen-plaintext category. The attacks have been verified using a C implementation. Of independent interest, we consider a variant of PRINCE in which ShiftRows and MixLayer operations are exchanged in position. In particular, our result shows that the position of ShiftRows and MixLayer operations influences the security of PRINCE. The same analysis applies to follow-up designs inspired by PRINCE

Improved Key Recovery Attacks on Reduced-Round AES with Practical Data an d Memory Complexities

Determining the security of AES is a central problem in cryptanalysis, but progress in this area had been slow and only a handful of cryptanalytic techniques led to significant advancements. At Eurocrypt 2017 Grassi et al. presented a novel type of distinguisher for AES-like structures, but so far all the published attacks which were based on this distinguisher were inferior to previously known attacks in their complexity. In this paper we combine the technique of Grassi et al. with several other techniques in a novel way to obtain the best known key recovery attack on 5-round AES in the single-key model, reducing its overall complexity from about $2^{32}$ to less than $2^{22}$. Extending our techniques to 7-round AES, we obtain the best known attacks on AES-192 which use practical amounts of data and memory, breaking the record for such attacks which was obtained in 2000 by the classical Square attack

Quantum Demiric-Selçuk Meet-in-the-Middle Attacks: Applications to 6-Round Generic Feistel Constructions

This paper shows that quantum computers can significantly speed-up a type of meet-in-the-middle attacks initiated by Demiric and Selçuk (DS-MITM attacks), which is currently one of the most powerful cryptanalytic approaches in the classical setting against symmetric-key schemes. The quantum DS-MITM attacks are demonstrated against 6 rounds of the generic Feistel construction supporting an $n$-bit key and an $n$-bit block, which was attacked by Guo et al. in the classical setting with data, time, and memory complexities of $O(2^{3n/4})$. The complexities of our quantum attacks depend on the adversary\u27s model and the number of qubits available. When the adversary has an access to quantum computers for offline computations but online queries are made in a classical manner (so called Q1 model), the attack complexities are $O(2^{n/2})$ classical queries, $O(2^n/q)$ quantum computations by using about $q$ qubits. Those are balanced at $\tilde{O}(2^{n/2})$, which significantly improves the classical attack. Technically, we convert the quantum claw finding algorithm to be suitable in the Q1 model. The attack is then extended to the case that the adversary can make superposition queries (so called Q2 model). The attack approach is drastically changed from the one in the Q1 model; the attack is based on 3-round distinguishers with Simon\u27s algorithm and then appends 3 rounds for key recovery. This can be solved by applying the combination of Simon\u27s and Grover\u27s algorithms recently proposed by Leander and May

The Exchange Attack: How to Distinguish Six Rounds of AES with 288.22^{88.2} chosen plaintexts

In this paper we present exchange-equivalence attacks which is a new cryptanalytic attack technique suitable for SPN-like block cipher designs. Our new technique results in the first secret-key chosen plaintext distinguisher for 6-round AES. The complexity of the distinguisher is about $2^{88.2}$ in terms of data, memory and computational complexity. The distinguishing attack for AES reduced to six rounds is a straight-forward extension of an exchange attack for 5-round AES that requires $2^{30}$ in terms of chosen plaintexts and computation. This is also a new record for AES reduced to five rounds. The main result of this paper is that AES up to at least six rounds is biased when restricted to exchange-invariant sets of plaintexts

How to Use Metaheuristics for Design of Symmetric-Key Primitives

The ultimate goal of designing a symmetric-key cryptographic primitive often can be formulated as an optimization problem. So far, these problems mainly have been solved with trivial algorithms such as brute force or random search. We show that a more advanced and equally versatile class of search algorithms, called metaheuristics, can help to tackle optimization problems related to design of symmetric-key primitives. We use two nature-inspired metaheuristics, simulated annealing and genetic algorithm, to optimize in terms of security the components of two recent cryptographic designs, SKINNY and AES-round based constructions. The positive outputs of the optimization suggest that metaheuristics are non-trivial tools, well suited for automatic design of primitives

Whales in the carbon cycle: can recovery remove carbon dioxide?

The great whales (baleen and sperm whales), through their massive size and wide distribution, influence ecosystem and carbon dynamics. Whales directly store carbon in their biomass and contribute to carbon export through sinking carcasses. Whale excreta may stimulate phytoplankton growth and capture atmospheric CO2; such indirect pathways represent the greatest potential for whale-carbon sequestration but are poorly understood. We quantify the carbon values of whales while recognizing the numerous ecosystem, cultural, and moral motivations to protect them. We also propose a framework to quantify the economic value of whale carbon as populations change over time. Finally, we suggest research to address key unknowns (e.g., bioavailability of whale derived nutrients to phytoplankton, species- and region-specific variability in whale carbon contributions).We thank Whale and Dolphin Conservation for constructive feedback, especially Vicki James and Ed Goodall, and for funding to support the graphics and publication fees. We also thank Kristen Krumhardt and two anonymous reviewers for helpful feedback. M.S.S. was supported by the National Science Foundation (PRFB 1906332) and MAC3 Impact Philanthropies