Ruhr-Universität Bochum (RUB): Open Journal Systems
Not a member yet
    4280 research outputs found

    On Constructing AEs with Leakage and Faults

    No full text
    Physical attacks are one of the potent threats to modern cryptography. Symmetric-key primitives are well-explored with respect to passive, active, and more recently combined (i.e., simultaneously leaking and faulting) adversaries. For symmetric key operating modes, there are many proposals for encryption (ENC), Message Authentication Codes (MAC), and Authenticated Encryption (AE) covering passive attacks. However, research on active or combined adversaries is more succinct and, to the best of our knowledge, boils down to combined secure MAC due to Berti et al. (ToSC 2023, issue 1), combined secure ENC due to Dobraunig et al. (CCS’22), and active secure AE named MEM due to Saha et al. (ToSC 2022, issue 4).Our first contribution is a security model to formally reason about the combined security of AE. The model extends the fault-then-leak security of MAC introduced by Berti et al. to AE and can also be seen as a natural extension of state-of-the-art leakage resistant notions in their so-called faulty matrix framework. Armed with this model, we show as a second contribution that all the leakage-resilient, including leakage-resistant, AE constructions and the fault-resilient MEM construction are vulnerable to a single fault injection within the composition of their building blocks. These decoupling attacks remain successful even for combined-secure building blocks. As a result, we finally present LEAF, the first AE construction secure against faultthen- leak adversaries with a single fault injection. In encryption, LEAF makes only one call to a MAC and two calls to an ENC that are combined secure

    Involuntary “what if” moments: Improbable simulations across the sleep-wake cycle and their relationship with anxiety

    No full text
    Improbable simulations, or spontaneous thoughts that consist of events that are unlikely to occur in waking life, are presumably common experiences during both periods of waking and dreaming. Yet, despite anecdotes of involuntarily simulating experiences like driving off the road, throwing your cellphone off a bridge, or screaming in a crowded room, the empirical work on this topic has been quite limited. Here we attempt to shed some foundational light on such improbable simulations by exploring their perceived occurrence and relation to sense of agency and intolerance of uncertainty throughout the sleep/wake cycle. Participants (N=100) indicated their perceived frequency and affective valence of improbable simulations related to certain themes (personal, social, and nature) across waking and dreaming states. Although participants perceived experiencing improbable simulations more often while awake, the common themes and valence of improbable simulations did not differ across periods of waking and dreaming - that is, participants were most likely to simulate personal events in both states, and social simulations were the most positive theme in both states. Critically, all themes in waking were positively correlated with intolerance of uncertainty, a characteristic of various anxiety disorders, while this relationship was only observed for personal simulations in dreaming states. However, no such relation was observed for sense of agency for any theme across waking and dreaming states. Our findings thus provide insights on the general nature of improbable simulations across both wake and sleep, as well as their relation to anxiety characteristics

    What active inference still can’t do: The (frame) problem that just won’t go away

    No full text
    The frame problem, or problem of relevance, concerns the capacity of cognitive agents to zero in on relevant information during action and perception, whilst intelligently ignoring everything else. Although this is an ability that such agents realise even in the most seemingly novel of situations, it is generally accepted that no comprehensive explanatory account of it has been provided by cognitive-scientific researchers. However, a new account deriving from the popular active inference framework purports to solve the problem of relevance, an achievement which, if realised, would give strong evidence for the framework’s claim to be an all-embracing theory of cognition. Unfortunately, this account, alongside previous active inference attempts to respond to the problem of relevance, is explanatorily inadequate. This means that, as is the case for all other frameworks in cognitive science, active inference has heretofore failed to resolve the problem of relevance

    Hybrid teaching put into practice:: A course concept for a synchronous hybrid introduction

    Get PDF
    Der Beitrag beschreibt ein synchron-hybrides Lehrszenario zur Vermittlung sprachlichen und kulturhistorischen Grundlagenwissens für Altgriechisch und Latein am Sprachenzentrum der Humboldt-Universität zu Berlin. Behandelt werden Kursinhalt und -struktur, Hybridkonzept, technische Umsetzung, methodisch-didaktische Prinzipien sowie hybridspezifische Herausforderungen und Lösungsstrategien. Es wird gezeigt, wie durch gezielte Maßnahmen eine gleichwertige und inklusive Beteiligung von Online- und Präsenzgruppe realisiert werden kann.  This article presents a synchronous hybrid teaching scenario developed to convey foundational linguistic and cultural-historical knowledge of Ancient Greek and Latin at the Language Center of Humboldt-Universität zu Berlin. It discusses the course’s content and structure, the hybrid concept, technical implementation, methodological and didactic principles, as well as hybrid-specific challenges and corresponding solutions. The article demonstrates how targeted measures can ensure equal and inclusive participation of both online and in-person learners

    Minimized PRFs from Public Permutations

    No full text
    The sum of permutations is a popular way to turn a PRP (like a block cipher) into a PRF. However, with the rise of permutation based cryptography, it makes sense to investigate the possibility to design a PRF as the sum of externally keyed public permutations. This challenge was initiated by Chen et al. (CRYPTO 2019) who presented the Sum of Even-Mansours (SoEM) construction. Sibleyras and Todo (CT-RSA 2023) later minimized the amount of key maskings in this construction with their Keyed Sum of Permutations (KSoP). However, both constructions have in common that their security proofs require two independent keys and two independent public random permutations. In this work, we investigate the possibilities to reduce this amount of randomness, by introducing three constructions: sirP, that uses two independent permutations but one key, sirK, that uses two independent keys but one permutation, and sirX, that uses a single permutation and a single key. The constructions are further generalized by having a parameter prescribing the data input size compared to the permutation size. We present general security results for all three variants, and demonstrate that, for certain parameter choices, the security bounds match those of SoEM and KSoP, but with reduced randomness

    Chosen-Key Distinguishing Attacks on Full AES-192, AES-256, Kiasu-BC, and More

    No full text
    At CRYPTO 2020, Liu et al. demonstrated that many differentials on Gimli are, in fact, incompatible. Similar incompatibilities also arise in relatedkey differentials on AES, which are typically addressed in an ad-hoc manner by incorporating additional constraints into the searching models. However, such ad-hoc methods are insufficient to eliminate all incompatibilities and may still produce false positive related-key differentials. At CRYPTO 2022, a novel approach was introduced that combines a Constraint Programming (CP) tool with a triangulation algorithm to search for rebound attacks against AES-like hashings. In this paper, we extend and unify these techniques to develop a comprehensive related-key differential search model. Our model not only identifies valid related-key differentials for AES and similar ciphers, but also enables immediate verification of the existence of at least one key pair satisfying the differentials. Using this enhanced automatic tool, we discover new related-key differentials for full-round AES-192, AES-256, Kiasu-BC, and for roundreduced Deoxys-BC. Based on these findings, we present full-round limited-birthday chosen-key distinguishing attacks on AES-192, AES-256, and Kiasu-BC, as well as the first chosen-key distinguisher on reduced-round Deoxys-BC. Furthermore, we identify, for the first time, a limited-birthday distinguisher on 9-round Kiasu-BC with practical complexities

    Divide-and-Conquer SAT for Exploring Optimal Differential and Linear Characteristics and Its Applications

    No full text
    Developing automatic search tools to derive optimal characteristics is crucial for both the design and cryptanalysis of symmetric-key primitives. However, evaluating primitives that employ large S-boxes and complex linear layers remains a computationally demanding task. In this paper, we introduce a novel solver-aided automatic search tool based on the divide-and-conquer strategy that leverages the advantages of both MILP and SAT methods. Our method divides a given SAT model into multiple smaller SAT models, allowing to pre-eliminate as much of the space of Boolean variable assignments that make a given SAT model always “UNSAT”. In addition, we propose a new method for large S-boxes that involves the decimal parts of values, enabling us to efficiently derive optimal linear characteristics for a large S-box-based primitive, all within a practical time for the first time. The new tool is able to obtain optimal differential and linear characteristics in the significant number of rounds of AES, Camellia without FL function, ARIA, LED, Midori-128, SKINNY- 128, and Rijndael-256-256. Our results improve the required number of rounds for differential and linear attacks, based on a single characteristic, for Camellia, LED, and Midori-128. Besides, our tool identifies the longest distinguisher for extensivelyanalyzed ciphers of Camellia/ARIA/Midori-128 and SKINNY-128 by optimal linear and differential ones, respectively

    LESS is Even More: Optimizing Digital Signatures from Code Equivalence

    No full text
    LESS is a signature scheme based on the code equivalence problem that has advanced to the second round of the NIST PQC standardization process. While promising, the scheme suffers from relatively large signatures and moderate to slow signing and verification times. Chou, Santini, and Persichetti recently introduced a variant of LESS relying on canonical forms to significantly reduce signature sizes. However, the overall performance impact of this approach remained largely unclear. In this work, we provide the first implementation of the new LESS variant and show that, in its original form, it performs poorly due to the overhead of computing canonical forms in a naïve way. We then introduce a series of algorithmic and implementation-level optimizations that reduce this overhead to about 10%, showing that the signature size reduction comes at minor cost. In addition, we present further improvements to the signature scheme as a whole, as well as a re-parameterization. The resulting scheme achieves speedups of 2.5x to 10x over the Round 1 NIST submission, while maintaining the reduced signature sizes

    Generation of Fast Finite Field Arithmetic for Cortex-M4 with ECDH and SQIsign Applications

    No full text
    Finite field arithmetic is central to several cryptographic algorithms on embedded devices like the ARM Cortex-M4, particularly for elliptic curve and isogenybased cryptography. However, rapid algorithm evolution, driven by initiatives such as NIST’s post-quantum standardization, might frequently render hand-optimized implementations obsolete. We address this challenge with m4-modarith, a library generating C code with inline assembly for the Cortex-M4 that rivals custom-tuned assembly, enabling agile development in this ever-changing landscape. Our generated modular multiplications obtains fast performances, competitive with hand-optimized assembly implementations published in the literature, even outperforming some of them for Curve25519. Two contributions are pivotal to this success. First, we introduce a novel multiplication strategy that matches the memory access complexity of the operand caching method while being applicable to a larger cache size for Cortex-M4 implementations. Second, we generalize an efficient pseudo-Mersenne reduction strategy, and formally prove its correctness and applicability for most primes of cryptographic interest. Our generator allowed agile optimization of SQIsign’s NIST PQC Round 2 submission, improving level 1 verification from 123 Mcycles to only 54 Mcycles, a 2.3x speedup. As an additional case study, we use our generator to improve performance of portable implementations of RFC 7748 by up to 2.2x

    «Phraseologisches Wörterbuch Katalanisch-Deutsch»: presentació del projecte

    Get PDF
    This paper presents the main characteristics of the Phraseologisches Wörterbuch Katalanisch-Deutsch (Phraseological Catalan-German Dictionary): it is a passive semasio­logical work for decoding aimed at a German-speaking audience that, if everything goes as planned, is expected to be published around 2027 and will include about 11,000 entries. This introductory study focuses on aspects particularly related to the micro­structure of the dictionary. Our working method is primarily based on pragmatic lin­guistics.This paper presents the main characteristics of the Phraseologisches Wörterbuch Katalanisch-Deutsch (Phraseological Catalan-German Dictionary): it is a passive semasio­logical work for decoding aimed at a German-speaking audience that, if everything goes as planned, is expected to be published around 2027 and will include about 11,000 entries. This introductory study focuses on aspects particularly related to the micro­structure of the dictionary. Our working method is primarily based on pragmatic lin­guistics

    2,173

    full texts

    4,280

    metadata records
    Updated in last 30 days.
    Ruhr-Universität Bochum (RUB): Open Journal Systems
    Access Repository Dashboard
    Do you manage Open Research Online? Become a CORE Member to access insider analytics, issue reports and manage access to outputs from your repository in the CORE Repository Dashboard! 👇