Ruhr-Universität Bochum (RUB): Open Journal Systems
In dialogue with the algorithm: Practical study on promoting prompt engineering skills among students learning German as a foreign language
This didactic case study with accompanying evaluation investigates the promotion of Critical AI Literacy and prompt engineering competences in the context of university-level German as a Foreign Language instruction, thereby addressing an existing research gap. The didactic intervention, implemented via the Moodle learning platform, consisted of an initial theoretical learning phase followed by a practical application phase, complemented by guided learning process reflections and rubric-based peer evaluation. The intervention was conducted at the University of Oviedo (Spain) and evaluated through a questionnaire-based survey (n=13). The results indicate positive learning outcomes and high student acceptance of the didactic instruments employed, while simultaneously highlighting challenges related to reflection and peer evaluation.
Simple concepts and meanings: adequacy from below
We offer a limited account of concept composition, formalized in terms of a calculus that has the computational complexity of propositional logic. We then show that small additions to this core system have dramatic effects, inviting an old idea that Pietroski 2018 develops: linguistic meanings are instructions for how to build concepts – symbols of a mental language – in constrained ways; more specifically, while some atomic concepts of the relevant mentalese are dyadic, all other concepts are monadic. In this respect, the posited generator is more Aristotelean than Fregean, and simpler than the lambda calculus of Church 1941. Icard & Moss (2023) make this vivid by establishing some results, which we review, about a precise version of the language Pietroski sketched. Here, we present the system in stages and stress a corresponding methodology: in providing theories of meaning, one can try to approach descriptive adequacy by modestly extending a model that undergenerates but captures some central phenomena, instead of starting with a powerful model that overgenerates (Chomsky 1957, 1959, 1965). For example, our core system doesn't generate negations of concepts or mental correlates of relative clauses. But the final product, which is still a context free procedure, delivers conceptual analogs of 'thing that is not a cow'. Indeed, it is expressively equivalent to a monadic (one free variable) fragment of FOL. To help locate the proposed mentalese relative to more familiar models of how ideal concepts compose, we discuss some connections to modal logics and the variable-free system of Schönfinkel 1924.
The Legal Status of Non-Muslims in the Shiite Fiqh and Iranian Laws (1906–2020) by Saeid Edalatnejad
This contribution offers a review of The Legal Status of Non-Muslims in the Shiite Fiqh and Iranian Laws (1906–2020) by Saeid Edalatnejad (2023).
Revisiting Leakage-Resilient MACs and Succinctly-Committing AEAD: More Applications of Pseudo-Random Injections
Pseudo-Random Injections (PRIs) have been used in several applications in symmetric-key cryptography, such as in the idealization of Authenticated Encryption with Associated Data (AEAD) schemes, building robust AEAD, and, recently, in converting a committing AEAD scheme into a succinctly committing AEAD scheme. In Crypto 2024, Bellare and Hoang showed that if an AEAD scheme is already committing, it can be transformed into a succinctly committing scheme by encrypting part of the plaintext using a PRI. In this paper, we revisit the applications of PRIs in building Message Authentication Codes (MACs) and AEAD schemes. First, we look at some of the properties and definitions of PRIs, such as collision resistance and unforgeability when used as a MAC with a small plaintext space, under different leakage models. Next, we show how they can be combined with collision-resistant hash functions to build a MAC for long plaintexts, offering flexible security depending on how the PRI and equality check are implemented. If both the PRI and equality check are leak-free, the MAC provides almost optimal security, but the security only degrades a little if the equality check is only leakage-resilient (rather than leak-free). If the equality check has unbounded leakage, the security drops to a baseline security rather than being completely insecure. Next, we show how to use PRIs to build a succinctly committing online AEAD scheme from scratch, dubbed scoAE. It achieves succinct CMT4 security, privacy, and Ciphertext Integrity with Misuse and Leakage (CIML2) security. Last but not least, we show how to build a succinctly committing nonce Misuse-Resistant (MRAE) AEAD scheme, dubbed scMRAE. The construction combines the SIV paradigm with PRI-based encryption (e.g., the Encode-then-Encipher (EtE) framework).
Practical Preimage Attacks on 3-Round Keccak-256 and 4-Round Keccak[r=640, c=160]
Recently, linear structures and algebraic attacks have been widely used in preimage attacks on round-reduced Keccak. Building on pioneering work, we make some improvements for 3-round Keccak-256 and 4-round Keccak[r=640, c=160]. For 3-round Keccak-256, we introduce a three-stage model to deal with the unsatisfied restrictions while bringing more degrees of freedom at the same time. Besides, we show that guessing values for different variables will result in different solving-time complexity. With these techniques, the number of guesses can be decreased to 2^52, and the solving time for each guess can be decreased to around 2^5.2 3-round Keccak calls. As a result, the complexity of finding a preimage for 3-round Keccak-256 can be decreased to around 2^57.2. For 4-round Keccak[r=640, c=160], an instance of the Crunchy Contest, we use some techniques to save degrees of freedom and achieve better linearization. Based on these techniques, we build an MILP model and obtain an attack with a better complexity of around 2^60.9. The results for 3-round Keccak-256 and 4-round Keccak[r=640, c=160] are verified with real examples.
Differential Cryptanalysis of the Reduced Pointer Authentication Code Function Used in Arm’s FEAT_PACQARMA3 Feature
The Pointer Authentication Code (PAC) feature in the Arm architecture is used to enforce the Code Flow Integrity (CFI) of running programs. It does so by generating a short MAC, called the PAC, of the return address and some additional context information upon function entry, and checking it upon exit. An attacker that wants to overwrite the stack with manipulated addresses now faces an additional hurdle, as they have to guess, forge, or reuse PAC values. PAC is deployed on billions of devices as a first line of defense to harden system software and complex programs against software exploitation. The original version of the feature uses a 12-round version of the QARMA-64 block cipher. The output is then truncated to between 3 and 32 bits, in order to be inserted into unused bits of 64-bit pointers. A later revision of the specification allows the use of an 8-round version of QARMA-64. This reduction may introduce vulnerabilities such as high-probability distinguishers, potentially enabling key recovery attacks. The present paper explores this avenue. A cryptanalysis of the PAC computation function entails restricting the inputs to valid virtual addresses, meaning that certain most significant bits are fixed to zero, and considering only the truncated output. Within these constraints, we present practical attacks on various PAC configurations. These attacks, while not presenting an immediate threat to the PAC mechanism, show that some versions of the feature do miss the security targets set for the original function. This offers new insights into the practical security of constructing MACs from truncated block ciphers, expanding on the mostly theoretical understanding of creating PRFs from truncated PRPs. We note that the results do not affect the security of QARMA-64 when used with the recommended number of rounds for general purpose applications.
Collision Attacks on Reduced RIPEMD-128
RIPEMD-128 is an ISO/IEC standard hash function based on a double-branch Merkle-Damgård structure. Its compression function includes two branches with distinct Boolean functions and message expansion permutations. To perform a collision attack, differential characteristics must be constructed simultaneously for both branches under the same message word difference, and the message modification order must align with conditions in both branches. These factors make collision attacks on (reduced) RIPEMD-128 highly challenging. In 2014, an attack on 40 steps of RIPEMD-128 was achieved by Wang with no state differences in round 3. In this work, we analyze message permutation properties and propose two new structures for creating message differences. These structures enable high-probability local collisions in both branches of round 3, extending the attack to more steps. Notably, the second structure can eliminate all state differences in round 3, allowing the attack to cover more than three whole rounds. To ensure practical attacks, we limit the number of conditions based on our message modification strategy and use multi-step message modification techniques to control more conditions. As a result, we successfully generate colliding message pairs for 46-step and 54-step reduced RIPEMD-128, with time complexities of approximately 2^42 and 2^54, respectively.
Multiple Rows Mixers and Hsilu: A Family of Linear Layers and a Permutation with Fewer XORs
Over the past decades, extensive research has been conducted on lightweight cryptographic primitives. The linear layer plays an important role in their security. In this paper, we propose a family of linear layers consisting of XORs and rotations, which is called multiple rows mixers (MRM). It is a family designed for LS-type ciphers, but mixing elements from several rows. We investigate the impact of the linear layers on the 3-round trail weight of permutations and explore the properties of the inverse of the linear layers with a low XOR count. We employ a generic and extensible approach to determine the parameters of MRM. This approach can automatically generate linear layers that meet the requirements of a given branch number. By applying these design principles and methods, we derive a linear layer that has a dimension of 5 x 64, a differential branch number of 12, a linear branch number of 5 and a computational cost of 2.6 XOR operations per bit. MRM is not limited to a fixed dimension and can be extended to other dimensions. In addition, we present a concrete instantiation of a 320-bit permutation using a more efficient instance of MRM, named Hsilu. Its non-linear layer employs the χ mapping operating on columns. Compared with the permutations of Gaston and the NIST lightweight standard Ascon, the round function of Hsilu requires fewer XOR operations. Hsilu exhibits competitive security and performance with Ascon and Gaston. We demonstrate that the best-found 3-round differential and linear trails of Hsilu have much higher weights than those of Ascon. Hsilu outperforms Gaston and Ascon in terms of both software and hardware performance.
Rudraksh: A compact and lightweight post-quantum key-encapsulation mechanism
Resource-constrained devices such as wireless sensors and Internet of Things (IoT) devices have become ubiquitous in our digital ecosystem. These devices generate and handle a major part of our digital data. However, due to the impending threat of quantum computers to our existing public-key cryptographic schemes and the limited resources available on IoT devices, it is important to design lightweight post-quantum cryptographic (PQC) schemes suitable for these devices. In this work, we explored the design space of learning-with-errors-based PQC schemes to design a lightweight key-encapsulation mechanism (KEM) suitable for resource-constrained devices. We have done a scrupulous and extensive analysis and evaluation of different design elements, such as polynomial size, field modulus structure, reduction algorithm, and secret and error distribution of an LWE-based KEM. Our explorations led to the proposal of a lightweight PQC-KEM, Rudraksh, without compromising security. Our scheme provides security against chosen ciphertext attacks (CCA) with more than 100 bits of Core-SVP post-quantum security and belongs to the NIST-level-I security category (providing at least as much security as AES-128). We have also shown how ASCON can be used for lightweight pseudo-random number generation and hashing in lattice-based KEMs instead of the widely used Keccak, for a lightweight design. Our FPGA results show that Rudraksh currently requires the least area among the PQC KEMs of similar security. Our implementation of Rudraksh provides a ~3x improvement in terms of the area requirement compared to the state-of-the-art area-optimized implementation of Kyber, can operate at 63%-76% higher frequency with respect to high-throughput Kyber, and improves the time-area product ~2x compared to the state-of-the-art compact implementation of Kyber published in HPEC 2022.