Correction to: Dispelling myths on superposition attacks: formal security model and attack analyses

Designs, Codes and Cryptography -     

On the complexity of the herding attack and some related attacks on hash functions

In this article, we analyze the complexity of the construction of the 2 ^k -diamond structure proposed by Kelsey and Kohno (LNCS, Vol 4004, pp 183–200, 2006). We point out a flaw in their analysis and show that their construction may not produce the desired diamond structure. We then give a more rigorous and detailed complexity analysis of the construction of a diamond structure. For this, we appeal to random graph theory (in particular, to the theory of random intersection graphs), which allows us to determine sharp necessary and sufficient conditions for the message complexity (i.e., the number of hash computations required to build the required structure). We also analyze the computational complexity for constructing a diamond structure, which has not been previously studied in the literature. Finally, we study the impact of our analysis on herding and other attacks that use the diamond structure as a subroutine. Precisely, our results shows the following:

1. The message complexity for the construction of a diamond structure is ${\sqrt{k}}$ times more than the amount previously stated in literature.

1. The time complexity is n times the message complexity, where n is the size of hash value.

Due to the above two results, the herding attack (Kelsey and Kohno, LNCS, Vol 4004, pp 183–200, 2006) and the second preimage attack (Andreeva et?al., LNCS, Vol 4965, pp 270–288, 2008) on iterated hash functions have increased complexity. We also show that the message complexity of herding and second preimage attacks on “hash twice” is n times the complexity claimed by Andreeva et?al. (LNCS, Vol 5867, pp 393–414, 2009), by giving a more detailed analysis of the attack.     

Affect control theory: Respecification,estimation, and tests of the formal model

The mathematical model for a theory of social action drawn from symbolic interactionism is respecified with new theoretical refinements. Model parameters are estimated from empirical data and are tested by simulating behaviors in role relationships. The best simulations are provided by simplifications of the original model rather than by elaborations.     

Mathematical model on malicious attacks in a mobile wireless network with clustering

A mathematical model has been formulated for the analysis of a wireless epidemic on a clustered heterogeneous network. The model introduces mobility into the epidemic framework assuming that the component nodes have a tendency to be attached with a frequently visited home cluster. This underlines the inherent regularity in the mobility pattern of mobile nodes in a wireless network. The analysis focuses primarily on features that arise because of the mobility considerations compared in the larger scenario formed by the epidemic aspects. A result on the invariance of the home cluster populations with respect to time provides an important view-point of the long-term behavior of the system. The analysis also focuses on obtaining a basic threshold condition that guides the epidemic behavior of the system. Analytical as well as numerical results have also been obtained to establish the asymptotic behavior of the connected components of the network, and that of the whole network when the underlying graph turns out to be irreducible. Applications to proximity based attacks and to scenarios with high cluster density have also been outlined.     

Certificateless signature: a new security model and an improved generic construction

Certificateless cryptography involves a Key Generation Center (KGC) which issues a partial key to a user and the user also independently generates an additional public/secret key pair in such a way that the KGC who knows only the partial key but not the additional secret key is not able to do any cryptographic operation on behalf of the user; and a third party who replaces the public/secret key pair but does not know the partial key cannot do any cryptographic operation as the user either. We call this attack launched by the third party as the key replacement attack. In ACISP 2004, Yum and Lee proposed a generic construction of digital signature schemes under the framework of certificateless cryptography. In this paper, we show that their generic construction is insecure against key replacement attack. In particular, we give some concrete examples to show that the security requirements of some building blocks they specified are insufficient to support some of their security claims. We then propose a modification of their scheme and show its security in a new and simplified security model. We show that our simplified definition and adversarial model not only capture all the distinct features of certificateless signature but are also more versatile when compared with all the comparable ones. We believe that the model itself is of independent interest.A conventional certificateless signature scheme only achieves Girault’s Level 2 security. For achieving Level 3 security, that a conventional signature scheme in Public Key Infrastructure does, we propose an extension to our definition of certificateless signature scheme and introduce an additional security model for this extension. We show that our generic construction satisfies Level 3 security after some appropriate and simple modification. A preliminary version of the extended abstract of partial results appeared in ACISP 2006 [9].     

Incomplete information equilibria: Separation theorems and other myths

The incomplete information financial economic equilibrium (IIE) literature has been growing at an increasing rate since its inception in the early 1980s. This paper examines issues and concepts essential to understanding, implementing, and testing IIE and understanding its relation to complete information equilibria (CIE). Concepts include the number of state variables in an IIE vis-à-vis the number of state variables in a corresponding CIE; the irrelevance of separation theorems to IIE and the relevance, instead, of a more general state space (re-)representation theorem; the identification of unobservable productivity processes that lead to complete information; the relative level of variable variances in a CIE and the corresponding IIE; stochastic CIE with corresponding deterministic IIE and deterministic CIE with corresponding stochastic IIE; the relationship between IIE and incomplete markets; the (im)persistence of heterogeneous beliefs; and the relation of IIE to the model uncertainty/ambiguity approaches. Understanding these concepts under IIE facilitates understanding the CIE, a special case of IIE.     

The debate between Peletier and Clavius on superposition

This article considers the sixteenth-century debate between Jacques Peletier du Mans and Christoph Clavius over the admissibility of superposition as a means to demonstrate the equality of figures in Euclidean geometry. It notably aims to determine, in the first part, which understanding of superposition motivated its rejection by Peletier, especially whether and to which extent his critical position towards this method was related to its kinematic implications. In the second part, the article presents the critical response Clavius addressed to Peletier in order to defend the legitimacy of superposition in Euclid's Elements.     

Interactions between party members and local party activists: A formal model and its empirical application*

Data taken from two surveys among party members and local party activists are used to test a formal theory of intra‐party interaction at a low regional level. For this purpose a miniature version of legitimation theory is axiomatized according to Joseph D. Sneed's proposals. A possible partial model for this miniature theory is defined, terms theoretical in this theory are introduced to make up a possible model of the theory, and several variants of the model of this theory are discussed together with their empirical claims. The axiomatized theory does not only allow the interpretation of empirical correlations among attitudinal variables as effects of interactions between persons bearing those attitudes, but also compels to consider nonlinear interactions as well.     

Tweaking a block cipher: multi-user beyond-birthday-bound security in the standard model

In this paper, we present a generic construction to create a secure tweakable block cipher from a secure block cipher. Our construction is very natural, requiring four calls to the underlying block cipher for each call of the tweakable block cipher. Moreover, it is provably secure in the standard model while keeping the security degradation minimal in the multi-user setting. In more details, if the underlying blockcipher E uses n-bit blocks and 2n-bit keys, then our construction is proven secure against multi-user adversaries using up to roughly \(2^n\) time and queries as long as E is a secure block cipher.     

Theory of formal integrability and DAEs: effective computations

This paper deals with the computation of the formally integrable systems underlying a given quasi-linear polynomial DAE. We use as stopping condition the criterium of differential stability, which happens to be equivalent to the formal integrability in dimension 1. A symbolic method is developed to compute effectively a finite collection of so-called triangular stable DAEs, whose solutions are precisely all the solutions of the initial system. Besides, this algorithm enables to determine the generic points of a triangular DAE, by checking the non-nullity of a single polynomial. This revised version was published online in June 2006 with corrections to the Cover Date.     

A mathematical model for a distributed attack on targeted resources in a computer network

A mathematical model has been developed to analyze the spread of a distributed attack on critical targeted resources in a network. The model provides an epidemic framework with two sub-frameworks to consider the difference between the overall behavior of the attacking hosts and the targeted resources. The analysis focuses on obtaining threshold conditions that determine the success or failure of such attacks. Considering the criticality of the systems involved and the strength of the defence mechanism involved, a measure has been suggested that highlights the level of success that has been achieved by the attacker. To understand the overall dynamics of the system in the long run, its equilibrium points have been obtained and their stability has been analyzed, and conditions for their stability have been outlined.     

Interacting environmental influences: Concepts of synergism,antagonism, and superposition

Since an enormous number of different pollutants is usually simultaneously present in a certain environmental area, it must be expected that interactions between these pollutants may occur frequently. Nevertheless, not very much is known about the combined impact of several pollutants and the environmental policy ignores these effects in defining pollution standards and limits just for single pollutants. Moreover, it is not at all clear how these effects should precisely be described. Starting from definitions of interactions between different environmental influences introduced by Ott [7] and one of the present authors [8], new concepts of synergism (and antagonism and superposition) in a deterministic context will be presented. It is analyzed which properties an environmental quality index has to have in order to describe such interactions.     

A note on extensions of algebraic and formal groups I

Partially supported by Grant-in-Aid for Scientific Research #62540066     

A note on extensions of algebraic and formal groups II

Partially supported by Grant-in-Aid for Scientific Research #05640063