1,520 research outputs found
Lengths May Break Privacy - Or How to Check for Equivalences with Length
Security protocols have been successfully analyzed using symbolic models, where messages are represented by terms and protocols by processes. Privacy properties like anonymity or untraceability are typically expressed as equivalence between processes. While some decision procedures have been proposed for automatically deciding process equivalence, all existing approaches abstract away the information an attacker may get when observing the length of messages.
In this paper, we study process equivalence with length tests. We first show that, in the static case, almost all existing decidability results (for static equivalence) can be extended to cope with length tests.
In the active case, we prove decidability of trace equivalence with length tests, for a bounded number of sessions and for standard primitives. Our result relies on a previous decidability result from Cheval et al. (without length tests). Our procedure has been implemented and we have discovered a new flaw against privacy in the biometric passport protocol
YAPA: A generic tool for computing intruder knowledge
Reasoning about the knowledge of an attacker is a necessary step in many
formal analyses of security protocols. In the framework of the applied pi
calculus, as in similar languages based on equational logics, knowledge is
typically expressed by two relations: deducibility and static equivalence.
Several decision procedures have been proposed for these relations under a
variety of equational theories. However, each theory has its particular
algorithm, and none has been implemented so far. We provide a generic procedure
for deducibility and static equivalence that takes as input any convergent
rewrite system. We show that our algorithm covers most of the existing decision
procedures for convergent theories. We also provide an efficient
implementation, and compare it briefly with the tools ProVerif and KiSs
Analysis of Galaxy Formation with Hydrodynamics
We present a hydrodynamical code based on the Smooth Particle Hydrodynamics
technique implemented in an AP3M code aimed at solving the hydrodynamical and
gravitational equations in a cosmological frame. We analyze the ability of the
code to reproduce standard tests and perform numerical simulations to study the
formation of galaxies in a typical region of a CDM model. These numerical
simulations include gas and dark matter particles and take into account
physical processes such as shock waves, radiative cooling, and a simplified
model of star formation. Several observed properties of normal galaxies such as
ratios, the luminosity function and the Tully-Fisher
relation are analyzed within the limits imposed by numerical resolution.
Comment: 21 pages, 2 postscript tables. Submitted MNRAS 04.03.9
The Hierarchical Formation of the Galactic Disk
I review the results of recent cosmological simulations of galaxy formation
that highlight the importance of satellite accretion in the formation of
galactic disks. Tidal debris of disrupted satellites may contribute to the disk
component if they are compact enough to survive the decay and circularization
of the orbit as dynamical friction brings the satellite into the disk plane.
This process may add a small but non-negligible fraction of stars to the thin
and thick disks, and reconcile the presence of very old stars with the
protracted merging history expected in a hierarchically clustering universe. I
discuss various lines of evidence which suggest that this process may have been
important during the formation of the Galactic disk.
Comment: paper to be read at the "Penetrating Bars through Masks of Cosmic
Dust" conference in South Afric
Relating two standard notions of secrecy
Two styles of definitions are usually considered to express that a security
protocol preserves the confidentiality of a data s. Reachability-based secrecy
means that s should never be disclosed while equivalence-based secrecy states
that two executions of a protocol with distinct instances for s should be
indistinguishable to an attacker. Although the second formulation ensures a
higher level of security and is closer to cryptographic notions of secrecy,
decidability results and automatic tools have mainly focused on the first
definition so far.
This paper initiates a systematic investigation of the situations where
syntactic secrecy entails strong secrecy. We show that in the passive case,
reachability-based secrecy actually implies equivalence-based secrecy for
digital signatures, symmetric and asymmetric encryption provided that the
primitives are probabilistic. For active adversaries, we provide sufficient
(and rather tight) conditions on the protocol for this implication to hold.
Comment: 29 pages, published in LMC
APTE: An Algorithm for Proving Trace Equivalence
This paper presents APTE, a new tool for automatically proving the security of cryptographic protocols. It focuses on proving trace equivalence between processes, which is crucial for specifying privacy type properties such as anonymity and unlinkability.
The tool can handle protocols expressed in a calculus similar to the applied-pi calculus, which allows us to capture most existing protocols that rely on classical cryptographic primitives. In particular, APTE handles private channels and else branches in protocols with bounded number of sessions. Unlike most equivalence verifier tools, APTE is guaranteed to terminate
Moreover, APTE is the only tool that extends the usual notion of trace equivalence by considering "side-channel" information leaked to the attacker such as the length of messages and the execution times. We illustrate APTE on different case studies which allowed us to automatically (re)-discover attacks on protocols such as the Private Authentication protocol or the protocols of the electronic passports
On the statistical distribution of first-return times of balls and cylinders in chaotic systems
We study returns in dynamical systems: when a set of points, initially
populating a prescribed region, swarms around phase space according to a
deterministic rule of motion, we say that the return of the set occurs at the
earliest moment when one of these points comes back to the original region. We
describe the statistical distribution of these "first-return times" in various
settings: when phase space is composed of sequences of symbols from a finite
alphabet (with application for instance to biological problems) and when phase
space is a one and a two-dimensional manifold. Specifically, we consider
Bernoulli shifts, expanding maps of the interval and linear automorphisms of
the two dimensional torus. We derive relations linking these statistics with
Renyi entropies and Lyapunov exponents.
Comment: submitted to Int. J. Bifurcations and Chao
The Effect of Adding "Waste Outer Tire Rubber" on Marshall Characteristics in Class B Thin Sand Asphalt Layer (Latasir)
Asphalt mixture Latasir called HRSS (Hot Rolled Sand Sheet). Proper aggregate gradation, asphalt latasir distinct class A and class B. A known class Latasir HRSS-A with a nominal minimum thickness of 1.5 cm. As a class known as HRSS Latasir B-B with a nominal minimum thickness of 2 cm. Latasir intended for asphalt road with light traffic, especially in areas where coarse aggregate is not available. The use of "rubber tire waste" as asphalt additives latasir is expected to reduce the use of asphalt and benefits, including increases due to the braking surface traction and reduces tire noise due to friction with the floor surface. The addition of "waste tire rubber" mixing the asphalt made with a variety B latasir rubber content of 1%, 2%, 3%, 4% and 5% of the bitumen content. It is known that a mixture of asphalt latasir B with the addition of "waste rubber tire" can improve the quality of Marshal. In the rubber content optimum for the ratio of 0312% rubber content and asphalt content of 7.89%, resulting in a mixture characteristics: Marshall Stability 950 kg, Marshall Quotient 4.1 kN/mm, Air Voids 3.5 % and film thickness 8 μm
Efficient Parallel Translating Embedding For Knowledge Graphs
Knowledge graph embedding aims to embed entities and relations of knowledge
graphs into low-dimensional vector spaces. Translating embedding methods regard
relations as the translation from head entities to tail entities, which achieve
the state-of-the-art results among knowledge graph embedding methods. However,
a major limitation of these methods is the time consuming training process,
which may take several days or even weeks for large knowledge graphs, and
result in great difficulty in practical applications. In this paper, we propose
an efficient parallel framework for translating embedding methods, called
ParTrans-X, which enables the methods to be paralleled without locks by
utilizing the distinguished structures of knowledge graphs. Experiments on two
datasets with three typical translating embedding methods, i.e., TransE [3],
TransH [17], and a more efficient variant TransE-AdaGrad [10] validate that
ParTrans-X can speed up the training process by more than an order of
magnitude.
Comment: WI 2017: 460-46
Automating Security Analysis: Symbolic Equivalence of Constraint Systems
We consider security properties of cryptographic protocols, that are either trace properties (such as confidentiality or authenticity) or equivalence properties (such as anonymity or strong secrecy). Infinite sets of possible traces are symbolically represented using deducibility constraints. We give a new algorithm that decides the trace equivalence for the traces that are represented using such constraints, in the case of signatures, symmetric and asymmetric encryptions. Our algorithm is implemented and performs well on typical benchmarks. This is the first implemented algorithm, deciding symbolic trace equivalence