1,721,002 research outputs found

    Hybrid Homomorphic Encryption Resistance to Side-Channel Attacks

    No full text
    This work performs a side-channel analysis on the Hybrid Homomorphic Encryption cipher Elisabeth-b4. In particular, a Correlation Power Analysis allows to recover the 2048-bit key with 35,000 traces. Mounting template attacks or using Machine Learning decreases this number to 1,000. We then implement 2-share masking and shuffling, which completely eliminates the leakage measure – a Test Vector Leakage Assessment (TVLA) – and mitigates the Correlation Power Analysis and template attacks. Using a Divide and Conquer Deep Learning approach, we manage to bypass them but the number of required traces increases to 250,000.LASE

    Going Beyond Counting First Authors in Author Co-citation Analysis

    Full text link
    The present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed

    On the physical security of cryptographic implementations

    Full text link
    En cryptographie moderne, un système de chiffrement est traditionnellement étudié dans le modèle dit en boîte noire. Dans ce modèle, le cryptosystème est vu comme un oracle répondant à des requêtes de chiffrement (et/ou déchiffrement) de messages à partir d’une valeur secrète : la clé. La sécurité du cryptosystème est alors définie suivant un simple jeu. Un adversaire interroge l’oracle sur le chiffrement (et/ou le déchiffrement) de messages de son choix et, selon les réponses obtenues, tente de déterminer la valeur de la clé secrète (ou encore de chiffrer/déchiffrer un message pour lequel il n’a pas questionné l’oracle). Si, tout en suivant une stratégie optimale, l’adversaire n’a qu’une chance de gain négligeable, la sécurité est alors établie. Plusieurs cryptosystèmes existants ont été prouvés sûrs dans le modèle en boîte noire. Cependant, ce modèle n’est pas toujours suffisant pour établir la sécurité d’un cryptosystème en pratique. Prenons l’exemple de la carte à puce qui est utilisée comme support pour le cryptosystème dans de nombreuses applications telles le bancaire, le contrôle d’accès, la téléphonie mobile, la télévision à péage ou encore le passeport électronique. De par la nature de ces applications, un cryptosystème implanté sur carte à puce est physiquement accessible à de potentiels attaquants. Cet accès physique invalide l’abstraction du cryptosystème par un oracle de chiffrement car il permet à l’adversaire d’en observer et/ou d’en perturber le comportement physique. De nouvelles attaques cryptanalytiques deviennent alors possibles se regroupant sous le terme de cryptanalyse physique. La cryptanalyse physique se compose essentiellement de deux familles principales d’attaques: les attaques par canaux auxiliaires et les attaques par fautes. L’objet des attaques par canaux auxiliaires est l’analyse des différentes fuites physiques d’une implémentation cryptographique durant ses calculs. On compte parmi ces fuites le temps d’exécution, la consommation électrique ainsi que les émanations d’ondes électromagnétiques. L’observation de ces dits canaux auxiliaires fournit de l’information sensible sur le calcul cryptographique. La valeur de la clé peut alors facilement être déterminée par traitement statistique bien que le cryptosystème soit sûr dans le modèle en boîte noire. L’accès à une implémentation cryptographique permet plus qu’une simple observation passive de son comportement physique ; il devient également possible d’en perturber le calcul. Partant de ce principe, les attaques par fautes consistent en la corruption de calculs cryptographiques en vue de l’obtention de résultats erronés. De manière tout à fait surprenante, ces derniers peuvent alors être traités afin d’en extraire de l’information sur la clé secrète. Cette thèse se focalise sur l’étude de la cryptanalyse physique et de l’implémentation sécurisée de primitives cryptographiques. Nous examinons dans une première partie les attaques par canaux auxiliaires d’un point de vue théorique. Différentes techniques d’attaques se basant sur différents outils statistiques sont abordées. Nous analysons leur taux de succès, nous comparons leur efficacité et nous proposons certaines améliorations. Nos analyses sont illustrées par des résultats de simulations d’attaques ainsi que d’attaques mises en pratique sur carte à puce. La deuxième partie de cette thèse est consacrée à l’une des contre-mesures les plus utilisées contre les attaques par canaux auxiliaires : le masquage de données. Nos investigations se concentrent sur les schémas de masquage génériques pour les chiffrements par blocs tels les standards de chiffrement DES et AES. Nous étudions les schémas existants, exhibant des attaques sur certains d’entre eux, et nous proposons de nouveaux designs. La troisième et dernière partie de cette thèse concerne les attaques par fautes. Nous décrivons tout d’abord une nouvelle attaque sur le chiffrement DES exhibant certains pré-requis à son implémentation sécurisée. Nous étudions ensuite le cas du cryptosystème RSA pour lequel nous proposons une nouvelle contre-mesure, pouvant dans un cadre plus large s’appliquer à tout algorithme d’exponentiation. Nous adressons finalement un problème plus pratique mais tout aussi nécessaire à la sécurité : celui de l’implémentation d’un contrôle de cohérence.In modern cryptography, an encryption system is usually studied in the so-called black-box model. In this model, the cryptosystem is seen as an oracle replying to message encryption (and/or decryption) queries according to a secret value: the key. The security of the cryptosystem is then defined following a simple game. An adversary questions the oracle about the encryption (and/or decryption) of messages of its choice and, depending on the answers, attempts to recover the value of the secret key (or to encrypt/decrypt a message for which he did not query the oracle). If by following an optimal strategy the adversary only has a negligible chance of winning, the system is considered as secure. Several cryptosystems have been proved secure in the black-box model. However, this model is not always sufficient to ensure the security of a cryptosystem in practice. Let us consider the example of smart cards which are used as platforms for cryptosystems in various applications such as banking, access control, mobile telephony, pay TV, or electronic passport. By the very nature of these applications, a cryptosystem embedded on a smart card is physically accessible to potential attackers. This physical access invalidates the modeling of the cryptosystem as a simple encryption oracle since it allows the adversary to observe and disrupt its physical behavior. New attacks then become possible which are known as physical cryptanalysis. Physical cryptanalysis includes two main families of attacks: side channel attacks and fault attacks. The purpose of side channel attacks is to analyze the different physical leakages of a cryptographic implementation during its computation. Chief among these rank timing, power consumption, and electromagnetic radiation. Observing these so-called side channels provides sensitive information about the cryptographic computation. The secret key value can then be easily recovered by statistical treatment although the cryptosystem is secure in the black-box model. The access to a cryptographic implementation enables more than a simple observation of its physical behavior; it is also possible to disrupt its computation. Working on this assumption, fault attacks consist in corrupting cryptographic computations so that they produce erroneous results. Surprisingly, these results can be used in order to recover information about the secret key. This thesis focuses on physical cryptanalysis as well as on the secure implementation of cryptographic primitives. We examine in the first part side channel attacks from a theoretical viewpoint. Various techniques of attack based on different statistical tools are addressed. We analyze their success rate, we compare their efficiency and we propose some improvements. Our analyses are illustrated by results of simulated attacks as well as practical attacks on smart cards. The second part of this thesis is devoted to one of the most widely used countermeasures to side channel attacks: data masking. Our investigations concentrate on generic masking schemes for block ciphers such as the encryption standards DES and AES. We analyze existing schemes, exhibiting some attacks against certain of them and we propose new designs. The third and last part of this thesis deals with fault attacks. First, we describe a new attack on the DES cipher which exhibits some requirements to its secure implementation. We then provide a case study based on the RSA cryptosystem where we propose a new countermeasure which can also be applied to secure any exponentiation algorithm. We finally address an important issue for practical security: the implementation of coherence checks

    Variations on the Author

    Full text link
    “Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship

    Appropriate Similarity Measures for Author Cocitation Analysis

    Full text link
    We provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis

    Dispelling the Myths Behind First-author Citation Counts

    Full text link
    We conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more sophisticated methods

    Author Index

    No full text
    Nao informado

    koamabayili/VECTRON-author-checklist: VECTRON author checklist

    No full text
    We have done our best to complete the author checklist relating to the use of animals in the hut study. Note that the objective for the hut study was to evaluate the IRS treatment applications for residual efficacy against Anopheles mosquitoes, including the local An. coluzzii mosquito population. Cows were only used to attract mosquitoes into the huts and no tests were carried out directly on the cows. The author checklist is intended for use with studies where experiments are carried out on animals, which is why we have had such difficulty in completing this for the hut study, as many of the questions do not relate to how the cows were used
    corecore