24 research outputs found

    Rijndael Circuit Level Cryptanalysis

    The Rijndael cipher was chosen as the Advanced Encryption Standard (AES) in August 1999. Its internal structure exhibits unusual properties such as a clean and simple algebraic description for the S-box. In this research, we construct a scalable family of ciphers which behave very much like the original Rijndael. This approach gives us the opportunity to use computational complexity theory. In the main result, we generate a candidate one-way function family from the scalable Rijndael family. We note that, although reduction to one-way functions is a common theme in the theory of public-key cryptography, it is rare to have such a defense of security in the private-key theatre. In this thesis a plan of attack is introduced at the circuit level whose aim is not to break the cryptosystem in any practical way, but simply to break the very bold Rijndael security claim. To achieve this goal, we are led to a formal understanding of the Rijndael security claim, juxtaposing it with rigorous security treatments. Several of the questions that arise in this regard are as follows: "Do invertible functions represented by circuits with very small numbers of gates have better than worst case implementations for their inverses?" "How many plaintext/ciphertext pairs are needed to uniquely determine the Rijndael key?"

    Generic Construction of Trace and Revoke Schemes

    Broadcast encryption (BE) is a cryptographic primitive that allows a broadcaster to encrypt digital content to a privileged set of users and in this way prevent revoked users from accessing the content. In BE schemes, a group of users, called traitors, may leak their keys and enable an adversary to receive the content. Such malicious users can be detected through traitor tracing (TT) schemes. The ultimate goal in a content distribution system would be combining traitor tracing and broadcast encryption (resulting in a trace and revoke system) so that any receiver key found to be compromised in a tracing process would be revoked from future transmissions. In this paper, we propose a generic method to transform a broadcast encryption scheme into a trace and revoke scheme. This transformation involves the utilization of a fingerprinting code over the underlying BE transmission. While fingerprinting codes have been used for constructing traitor tracing schemes in the past, their usage has various shortcomings such as the increase of the public key size with a linear factor in the length of the code. Instead, we propose a novel way to apply fingerprinting codes that allows for efficient parameters while retaining the traceability property. Our approach is based on a new property of fingerprinting codes we introduce, called public samplability. We have instantiated our generic transformation with the BE schemes of [4, 13, 20], something that enables us to produce trace and revoke schemes with novel properties. Specifically, we show (i) a trace and revoke scheme with constant private key size and short ciphertext size, (ii) the first ID-based trace and revoke scheme, (iii) the first publicly traceable scheme with constant private key size and (iv) the first trace and revoke scheme against pirate rebroadcasting attack in the public key setting

    Encryption mechanisms for digital content distribution

    Consider a digital content owner who wants to distribute the content to a receiver population while at the same time is willing to secure the ownership rights by regulating the proper use of product. In particular, the content owner wishes to (i) deliver the digital content to a set of intended receivers only and (ii) ensure the copyright protection by discouraging the piracy (redistribution of the content) in any possible way. This, in a nutshell, is the problem of designing encryption mechanisms for digital content distribution. While there are schemes that achieve the former goal, (i), by adopting some revocation mechanism (Broadcast Encryption), the latter goal, (ii), is also possible by identifying the leaker in case of an event that a number of receivers (traitors) have leaked their cryptographic keys (Traitor Tracing). The ultimate goal is to combine both revocation and tracing in a single scheme that prevents the reception of the content by the identified traitor (Trace and Revoke Schemes). These tools are the only ways of enforcing the proper use of product, and can serve as evidences for an illegal distribution of intellectual products. In this thesis, we improved the state-of-the-art of designing cryptographic primitives by presenting a solid exposition of the underlying mathematics that unifies all related primitives, attack models, security definitions and parameter analysis as well as proposing new attack models and designing new schemes. We study the algebraic structure of broadcast encryption schemes based on exclusive set systems, in particular Subset Cover Framework. We describe the algebraic properties that are sufficient for optimal revocation which simplifies the design of new schemes; and indeed we present new generic techniques that are applicable over the set systems that satisfy the properties we put forth. We further present a detailed proof of security of such schemes. We propose a novel attack concept, called Pirate Evolution, for which trace and revoke schemes, in general, are susceptible to even though they are secure in the sense of both revocation and tracing in isolation. We present the first complete survey of the fingerprinting codes. Traitor tracing has different notions depending on the adversarial model, the capabilities of the pirate and the interaction of tracer with the pirate. We presented a unique formalization that captures all these notions for the first time which provides us an insight in finding the first efficient constructions of tracing and revoking pirate rebroadcasts that are capable of performing tracing for unlimited number of traitors and revoking unlimited number of users.

    Anonymous trace and revoke

    A broadcast encryption (BE) scheme is a method for encrypting messages in a way that only a set of privileged users can decrypt it. Anonymity in a BE system is to hide any information on the privileged set. This problem has very recently had some attention and some constructions are proposed to achieve anonymity. However, anonymity in a trace and revoke (TR) scheme has not been studied yet, and to the best of our knowledge there is no construction for an anonymous TR system. In this paper, we present a generic transformation from an anonymous BE scheme into an anonymous TR scheme. (C) 2013 Elsevier B.V. All rights reserved

    Teaching the practice of thoracic epidural catheterization in different years of anesthesia residency

    Background and objectives: In this study, we aimed to clarify the importance of residency grade and other factors which influence the success of thoracic epidural catheterization in thoracotomy patients. Methods: After the ethical committee approval, data were recorded retrospectively from the charts of 415 patients. All patients had given written informed consent. The thoracic epidural catheterization attempts were divided into two groups as second–third year (Group I) and fourth year (Group II) according to residency grade. We retrospectively collected demographic data, characteristics of thoracic epidural catheterization attempts, and all difficulties and complications during thoracic epidural catheterization. Results: Overall success rate of thoracic epidural catheterization was similar between the groups. Levels of catheter placement, number and duration of thoracic epidural catheterization attempts were not different between the groups (p>0.05). Change of needle insertion level was statistically higher in Group II (p=0.008), whereas paresthesia was significantly higher in Group I (p=0.007). Dural puncture and postdural puncture headache rates were higher in Group I. Higher body mass index and level of the insertion site were significant factors for thoracic epidural catheterization failure and postoperative complication rate and those were independent of residents’ experience (p<0.001, 0.005). Conclusion: Body mass index and level of insertion site were significant on thoracic epidural catheterization failure and postoperative complication rate. We think that residents’ grade is not a significant factor in terms of overall success rate of thoracic epidural catheterization, but it is important for outcome of these procedures

    Immediate and Follow-Up Results of Repeat Percutaneous Mitral Balloon Commissurotomy for Restenosis After a Successful First Procedure

    Background: The widespread use of percutaneous mitral commissurotomy (PMC) has led to an increase in restenosis cases. The data regarding follow-up results of repeat PMC are quite limited. The aim of this retrospective analysis is to evaluate the immediate and midterm results of the second PMC, in patients with symptomatic mitral restenosis after a successful first procedure. Methods: Twenty patients (95% female, mean age 37 +/- 4 years) who have undergone a second PMC, 6.3 +/- 2.5 years after a first successful intervention built the study group. All were in sinus rhythm, with a mean Wilkins score of 8.5 +/- 1.2. Results: The valve area increased from 1.2 +/- 0.2 to 1.9 +/- 0.2 cm² and mean gradient decreased from 10.5 +/- 3.4 to 6.1 +/- 1.1 mmHg. There were no complications except for a transient embolic event without sequela (5%) and two cases (10%) of severe mitral regurgitation. The immediate success rate was 90%. The mean follow-up was 70 +/- 29 months (36-156 months). The 5-year restenosis and intervention (repeat PMC or valve replacement) rates were 9.1 +/- 5.2% and 3.6 +/- 3.3%, respectively. The intervention free 5-year survival in good functional capacity (New York Heart Association [NYHA] I-II) was 95.1 +/- 5.5% and restenosis and intervention free 5-year survival with good functional capacity was 89.7 +/- 6.8%. Conclusions: Although from a limited number of selected patients, these findings indicate that repeat PMC is a safe and effective method, with follow-up results similar to a first intervention and should be considered as the first therapeutic option in suitable patients. (Echocardiography 2010;27:765-769)