scholarly journals Extracting Cryptographic Keys from .NET Applications

2021 ◽  
Vol 3 (2) ◽  
Author(s):  
Shaun Mc Brearty ◽  
William Farrelly ◽  
Kevin Curran
Keyword(s):  
Prior Knowledge ◽  
Main Memory ◽  
Basic Knowledge ◽  
Proof Of Concept ◽  
Software Applications ◽  
Cryptographic Keys ◽  
Cryptographic Key ◽  
Memory Dump ◽  
Concept Application ◽  
Net Framework

In the absence of specialized encryption hardware,cryptographic operations must be performed in main memory.As such,it is common place for cyber criminals to examine the content of main memory with a view to retrieving high-value data in plaintext form and/or the associated decryption key.In this paper,the author presents a number of simple methods for identifying and extracting cryptographic keys from memory dumps of software applications that utilize the Microsoft .NET Framework,as well as sourcecode level countermeasures to protect against same.Given the EXE file of an application and a basic knowledge of the cryptographic libraries utilized in the .NET Framework,the author shows how to create a memory dump of a running application and how to extract cryptographic keys from same using WinDBG - without any prior knowledge of the cryptographic key utilized.Whilst the proof-of-concept application utilized as part of this paper uses an implementation of the DES cipher,it should be noted that the steps shown can be utilized against all three generations of symmetric and asymmetric ciphers supported within the .NET Framework.

scholarly journals Herbaria Mundi: An image centric approach to manipulation of specimens from multiple collections

2020 ◽  
Vol 4 ◽  
Author(s):  
Roger Hyam
Keyword(s):  
User Interface ◽  
Proof Of Concept ◽  
Virus Spread ◽  
Biodiversity Crisis ◽  
International Image ◽  
Voucher Specimens ◽  
Tropical Areas ◽  
Concept Application ◽  
Extensive Reference ◽  
As If

Addressing the challenges of the Climate Emergency and the Biodiversity Crisis requires us to understand how the world's vegetation is changing. This is not a trivial task,especially in highly diverse tropical areas. Frequently, the only way to characterise vegetation is to make voucher specimens of the plants present and identify them later in the lab. Fortunately there are extensive reference collections carefully curated in herbaria. Unfortunately specimens and expertise are dispersed over hundreds of different herbaria spread across many countries. It would be more efficient if scientists could see and manipulate specimens independently of where they are stored, especially as travel becomes more difficult due to both the need to reduce carbon emissions and virus spread. Herbaria Mundi is an application demonstrating how how this can be achieved using CETAF Specimen IDs and IIIF (International Image Interoperability Framework). The application mimics the way a botanist might work in a physical herbarium by enabling the gathering of specimens into groups and side-by-side comparison of specimens, but differs in that one can search for and manipulate specimens in multiple herbaria as if they were stored in a single collection. Voucher specimens are often not added to herbaria mainly because they do not add enough value to material already in the collections. Herbaria Mundi therefore includes the ability for researchers to upload specimen images to Zenodo and for them to appear in the user interface as if they were in an institutional herbarium. This proof of concept application is being developed as part of Task 4.3 of the Synthesys+ project funded by the European Commission. Two things need to occur to take this concept into production. More herbaria need to adopt the use of CETAF specimen identifiers and the IIIF image API. Botanists need to prioritise which features they would like developed first. More herbaria need to adopt the use of CETAF specimen identifiers and the IIIF image API. Botanists need to prioritise which features they would like developed first. The poster will be a catalyst to discuss how these things can be achieved.

scholarly journals An Efficient Method for Secure ECG Feature based Cryptographic Key Generation

2019 ◽  
Vol 8 (12) ◽  
pp. 159-164
Keyword(s):  
Normal Sinus Rhythm ◽  
Linear Feedback ◽  
Security Level ◽  
Pseudorandom Number Generator ◽  
Random Number Generators ◽  
Appearance Time ◽  
Normal Sinus ◽  
Myocardial Infraction ◽  
Cryptographic Keys ◽  
Cryptographic Key

A novel method to generate ECG feature oriented cryptographic keys is proposed. Due to the advantage of the uniqueness and randomness properties of ECG’s main feature, this feature is achieved. As the production of key depends on four reference- free ECG main features, Low-latency property is obtained. These features are obtained in short time. This process is referred as (SEF)-based cryptographic key production. The SEF has the following features like: 1) identifying the appearance time of ECG’s fiducial values by means of Daubechies wavelet transform to calculate ECG’s main features conversely; 2) A dynamic method is used to denote the best quantity of bits that can be obtained from the main ECG feature, which consists of PR, RR, PP, QT, and ST time periods; 3) Generating cryptographic keys by the ECG features extracted in the method mentioned above and 4) Making the SEF method as strong with cryptographically secure pseudo-random number generators. Fibonacci linear feedback shift register and recent encryption traditional algorithms are executed as the pseudorandom number generator to improve the safety stage of the produced cryptographic keys. This method is executed to 239 subjects’ ECG signals consisting of normal sinus rhythm, arrhythmia, atrial brillation, and myocardial infraction. Normal ECG rhythms have slightly better randomness when compare with the abnormal.The output results proves that the SEF method is faster than the present existing key production methods. It produces higher security level when compared to existing methods

Sand and shine: an inexpensive method to measure terrestrial arthropod movement in the laboratory

2020 ◽  
Vol 152 (6) ◽  
pp. 823-829
Author(s):  
Alexandre M.M.C. Loureiro ◽  
Vilis O. Nams
Keyword(s):  
Ultraviolet Light ◽  
Ground Beetle ◽  
Computer Software ◽  
Proof Of Concept ◽  
Inexpensive Method ◽  
Human Disturbances ◽  
Video Footage ◽  
Software Applications ◽  
Insect Movement ◽  
The Individual

AbstractUnderstanding what drives insect movement is crucial to understanding how they might be affected by environmental or human disturbances. Methods that measure movement can be expensive, and few are available that do not rely on some sort of video footage. We developed a relatively inexpensive method that allows the user to see the full path of the individual insects within an arena after a certain amount of time, which can be captured with a photograph and later analysed with computer software applications. In our proof-of-concept experiment, we found that the ground beetle, Harpalus rufipes (Coleoptera: Carabidae), was more active in darkness and in light than in ultraviolet light and that it displayed different movement patterns under all three light treatments.

scholarly journals Shotgun Isotope Array for Rapid, Substrate-Specific Detection of Microorganisms in a Microbial Community

2011 ◽  
Vol 77 (20) ◽  
pp. 7430-7432 ◽  
Author(s):  
Tomohiro Tobino ◽  
Futoshi Kurisu ◽  
Ikuro Kasuga ◽  
Hiroaki Furumai
Keyword(s):  
Microbial Community ◽  
Stable Isotope ◽  
Activated Sludge ◽  
Prior Knowledge ◽  
Community Composition ◽  
Stable Isotope Probing ◽  
Proof Of Concept ◽  
Specific Detection

ABSTRACTThe shotgun isotope array method has been proposed to be an effective new tool for use in substrate-specific microbe exploration without any prior knowledge of the community composition. Proof of concept was demonstrated by detection of acetate-degrading microorganisms in activated sludge and further verified by independent stable isotope probing (SIP).

scholarly journals Analysis of Vulnerabilities of Key Management Systems in Distributed Ledger Using the Example of the IBM Blockchain

2021 ◽  
pp. 61-70
Author(s):  
Alexander Plotkin ◽  
◽  
Sergey Kesel ◽  
Maxim Repin ◽  
Nikolay Fedorov ◽  
...  
Keyword(s):  
Information Technology ◽  
Life Cycle ◽  
Key Management ◽  
Business Processes ◽  
Management Systems ◽  
Management Process ◽  
Distributed Ledger ◽  
Registry System ◽  
Cryptographic Keys ◽  
Cryptographic Key

Abstract. Today, one of the most discussed topics in the field of information technology is distributed registry systems. They attract investors and developers with their functionality. Distributed ledger systems are being introduced into business processes in many areas of human activity, which makes their contribution to development irreplaceable. One of the most vulnerable parts of such systems is the process of managing cryptographic keys, an attack on which can destroy the entire security of the distributed registry system. The aim of the research is to identify possible threats to the process of managing cryptographic keys, on the basis of which recommendations and standards for managing cryptographic keys in distributed ledger systems will be developed. Research methods: to achieve this goal, the structure of the life cycle of cryptographic keys was considered, an analysis of possible vulnerabilities in the process of managing cryptographic keys at each stage of the life cycle of a cryptographic key was carried out. In addition, the distributed ledger system was analyzed in the context of the identified vulnerabilities of the key management process using the example of the IBM blockchain and the possibility of outsourcing cryptographic key management systems was considered. Result: a set of possible threats to the process of managing cryptographic keys was proposed, the necessity of assessing the security of the key management system before deciding on the introduction of these systems into distributed registries was proposed, conclusions were drawn about the need to develop recommendations and standards for the process of managing cryptographic keys for such systems, as well as the possibility applicability of the recommendations for assessing the security of the implementation of outsourcing of cryptographic key management systems in distributed ledgers.

scholarly journals Pengembangan Aplikasi Interactive Tv Pada Platform Set-Top Box Tertanam Berbasis Windows Embedded 7

2010 ◽  
Vol 1 (1) ◽  
Author(s):  
Ferro Ferizka Aryananda ◽  
Widyawan Widyawan ◽  
Ridi Ferdiana
Keyword(s):  
Interactive Tv ◽  
Proof Of Concept ◽  
Application Development ◽  
Embedded Device ◽  
Multimedia Contents ◽  
Set Top Box ◽  
And Control ◽  
Net Framework ◽  
Application Module

Abstract. Interactive TV Application Development on Embedded Set-Top Box Platform Based on Windows Embedded 7. With the novelty of television technology that marked by the boom of DTV,  Internet enabled Set-Top Box,  and DVR,  television users become more aware to interactive and rich experience of multimedia contents viewing on their television that later become the concept of interactive TV.Interactive TV allows viewers to take control of what they want to see something conventional TV can’t afford. In this research, there will be an application developed so that the user could enjoy extended services through their TV set. CETV is a proof of concept of interactive TV concept that enables users to access extended services. CETV is a group of 7 different application module that has their own feature and functionality. CETV delivers extended services and contents that bring interactivity and control to television users. Kata kunci: Embedded Device, . NET Framework,  interactive TV,  Set Top Box.Abstrak. Dengan kebaruan teknologi televisi yang ditandai dengan tren DTV, Internet enabled Set-Top Box, dan DVR, pengguna televisi menjadi lebih sadar akan pengalaman yang interaktif dan kaya pada konten multimedia yang tampil di televisi mereka yang kemudian menjadi konsep TV interaktif. Interaktif TV memungkinkan pemirsa untuk mengambil kendali dari apa yang mereka ingin lihat, sesesuatu yang tidak mampu disediakan oleh TV konvensional. Dalam penelitian ini, akan ada aplikasi yang dikembangkan sehingga pengguna dapat menikmati layanan tambahan melalui TV mereka. CETV adalah bukti dari konsep konsep TV interaktif yang memungkinkan pengguna untuk mengakses layanan tambahan. CETV adalah kelompok 7 modul aplikasi yang berbeda yang memiliki fitur dan fungsi mereka sendiri. CETV memberikan layanan tambahan dan konten yang membawa interaktivitas dan kontrol kepada pengguna televisi.Kata kunci: Perangkat Tertanam, .NET Framework,  TV interaktif,  Set Top Box.

scholarly journals A proof-of-concept application of water-soluble ytterbium(iii) molecular probes in in vivo NIR-II whole body bioimaging

2019 ◽  
Vol 6 (8) ◽  
pp. 1962-1967 ◽  
Author(s):  
Yingying Ning ◽  
Si Chen ◽  
Hao Chen ◽  
Jing-Xiang Wang ◽  
Shuqing He ◽  
...  
Keyword(s):  
High Resolution ◽  
Lanthanide Complexes ◽  
Molecular Probes ◽  
Water Soluble ◽  
Whole Body ◽  
Proof Of Concept ◽  
Concept Application

Lanthanide complexes are firstly applied for in vivo NIR-II high resolution whole body bioimaging.

Sign in / Sign up

Export Citation Format

Share Document