CWI
Amsterdam, Netherlands
CWI
Amsterdam, Netherlands

Time filter

Source Type

New API 580 preparation course for Risk Based Inspection certification (RBI) developed for specialized petro-chemical inspectors/engineers. Atlas API Training announced today the launch of their new API 580 training course for Risk Based Inspection certification (RBI) - available both online and now also available via Atlas’ new on-site training program. According to Hannon McLeod, president of Atlas, “The objective of this program is to provide inspectors with advanced (above the basic core API 510, 570 & 653 certifications) knowledge and skills in Risk-Based Inspection (RBI) based on the information contained in API RP 580.  This certificate adds significant value to one's professional credentials. It shows employers and clients a high level of proficiency and understanding in the field. The supplemental inspection certification program is open to anyone who is currently certified to API 510, 570 or 653.” Atlas offers online and on-site API exam prep courses including API 510/pressure vessel, API 570/pressure piping, API 653/storage tanks, for API 1169/pipeline inspection, API 580/risk based inspection, API 571/corrosion and materials, API TES/tank entry supervisor, API 936/refractory, and API 577/welding and metallurgy, and CWI/certified welding inspector. Customized inspection and maintenance of piping and equipment instruction is offered Atlas as requested by customers. The new API 580 course will provide our corporate partners both convenience and a highly-focused learning environment for greatest integration. Our instructors have more than a century of combined experience in the industry and as such are extremely qualified to provide top level training for clients. Established in Houston in 2014 by Hannon McLeod and Oran Lewis, Atlas API Training provides online and on-site petro-chemical and power industries exam preparation courses for advanced industry certification.  Over the past two years, Atlas has received multiple requests to expand their offering of advanced API certifications and is now developing additional industry specific training courses that will soon be available. Our online and on-site training courses are designed to give students the best opportunity to pass the critical certification exams. All courses are frequently updated to reflect the most current industry specific changes and testing parameters. In the effort to service the ever-increasing demand for onsite instruction, Atlas API Training has also expanded their instructor recruitment program. Contact: hannon@atlasapitraining.com.


Focus on applying latest technology to search, share and reuse data Network organization Amsterdam Data Science (ADS) signed an agreement with scientific information solutions provider Elsevier aimed at advancing data science research and education in Amsterdam. Both parties are embarking on a number of joint projects that will enable data scientists to access and share data and use the latest technology to collaborate and advance the field of data science together. Kajsa Ollongren, Alderperson and deputy mayor of the City of Amsterdam, supports the initiative: "The partnership between Elsevier and Amsterdam Data Science is great news for Amsterdam as it helps us to further develop the city as a hub in data science and attracting international technology talent.  Seeing our best educational and research institutes teaming up with Netherlands-based multinational science & health data company Elsevier will boost Amsterdam's international competitive position and improve the overall data tech climate in the greater Amsterdam metro area." ADS and Elsevier will collaborate together on several fronts, including research and development, joint promotion of Amsterdam as a data science center, and data science talent development. This partnership marks the first long-term collaboration agreement signed by ADS, an initiative of the University of Amsterdam, VU University, Amsterdam University of Applied Sciences and Centrum Wiskunde & Informatica. "Business and society are generating and storing more data than ever before", said Prof. Marcel Worring, Director of the Informatics Institute at the University of Amsterdam. "The most-heard questions across sectors are how to find and use that data to gain new insights and make informed decisions, but also how to enable reproducibility of the data, deploy semantic technologies and create a safe data sharing environment. Answering these questions requires a multi-stakeholder approach involving partners from academics, business and society. ADS bundles these forces. In Elsevier we've found a partner that has a proven track record in deploying technology to analyze data, enable data sharing and reuse and facilitate collaboration among researchers." "As a global technology company, we're engaging in data science and big data collaborations around the world", said Michiel Kolman, Senior Vice President Global Academic Relations at Elsevier. "But our company has its roots and its head office in the Netherlands so it's exciting to collaborate with ADS and local institutions to help develop our home city as a national and international data science hub, making it an even more attractive place for data science researchers. In addition to contributing to ADS' goals ourselves, we're looking forward to learn a lot from the companies and knowledge institutes that are part of the ADS network. Advancing data science is a multi-stakeholder endeavor." A number of projects have already started. These are focused on improving data search and reproducibility of research that will ultimately result in higher quality research outcomes. These projects entail: Both parties have committed to developing new projects together in the years to come, among other things providing corporate work experience programs for grad students and post-docs at Elsevier, and specialized Elsevier staff engaging in teaching the next generation data scientists. ADS is a platform and network organisation initiated by four Amsterdam-based knowledge institutes: University of Amsterdam (UvA), VU University, Amsterdam University of Applied Sciences (AUAS) and Centrum Wiskunde & Informatica (CWI). The institutions are well-known for their world-class research and education on data science.  ADS accelerates data science research by connecting, sharing and showcasing world-class technology, expertise and talent from Amsterdam on a regional, national and international level. Our research enables business and society to better gather, store, analyse and present data in order to gain valuable insights and make informed decisions. Elsevier is a world-leading provider of information solutions that enhance the performance of science, health, and technology professionals, empowering them to make better decisions, deliver better care, and sometimes make groundbreaking discoveries that advance the boundaries of knowledge and human progress. Elsevier provides web-based, digital solutions - among them ScienceDirect, Scopus, Research Intelligence and ClinicalKey - and publishes over 2,500 journals, including The Lancet and Cell, and more than 35,000 book titles, including a number of iconic reference works. Elsevier is part of RELX Group, a world-leading provider of information and analytics for professional and business customers across industries. http://www.elsevier.com


Atlas API Training provides online exam prep courses for the petro-chemical and power industries. They presently offer courses for API 510 / 570 and are developing courses in API 653, API 1169, API 936, CWI, NDT, Basic Geology, Advanced Geology, Process Heater Fundamentals, Introduction to QC, and Introduction to the Oilfield.


News Article | February 23, 2017
Site: phys.org

Today, researchers at the Dutch research institute CWI and Google jointly announce that they have broken the SHA-1 internet security standard in practice. This industry standard is used for digital signatures and file integrity verification, which secure credit card transactions, electronic documents, GIT open-source software repositories and software distribution. CWI cryptanalyst Marc Stevens says: "Many applications still use SHA-1, although it was officially deprecated by NIST in 2011 after exposed weaknesses since 2005. Our result proves that the deprecation by a large part of the industry has been too slow and that migration to safer standards should happen as soon as possible". The joint effort headed by Marc Stevens (CWI) and Elie Bursztein (Google) started more than two years ago to realize Stevens' advanced cryptanalytic research in practice with Google's computing infrastructure. They now successfully broke the industry standard SHA-1 using a so-called collision attack. SHA-1 is a cryptographic algorithm designed by the NSA and was standardized by NIST in 1995 to securely compute message fingerprints. These fingerprints are used in the computation of digital signatures, which are fundamental to Internet security, such as HTTPS (TLS,SSL) security, electronic banking, signing documents and software. Collisions – different messages with the same fingerprint – can lead to forgeries of digital signatures. For instance, a SHA-1 signature obtained for one file can also be misused as a valid signature for any other colliding file. The SHA-1 collision announced today is the culmination of a research line initiated at CWI more than seven years ago to develop an optimal practical collision attack against SHA-1. This previously resulted in the currently best known theoretical attack by Stevens in 2012 on which the announced result has built further upon. Elie Bursztein says: "Finding the collision in practice took a lot of effort both in building the cryptanalytic attack and in its large scale execution. It required over 9,223,372,036,854,775,808 SHA1 computations that took 6,500 years of CPU computation and 100 years of GPU computations. Yet this is more than 100,000 times faster than a brute force attack. We used the same infrastructure that powers many Google AI projects including Alpha Go and Google Photo as well as Google Cloud". Stevens says: "Lessons should have been learned from the warnings about similar attacks against SHA-1's predecessor MD5, such as the creation of a rogue Certification Authority in 2009 by an international team I was part of, and an attack by nation states in 2012 to craft malicious Windows updates to infect targeted machines in the Middle-East for espionage, which I showed to be a – then unknown – cryptographic attack variant." In the fall of 2015 Stevens, together with two co-authors, warned that finding a SHA-1 collision might cost around $75K-$120K by exploiting low-cost GPU resources on Amazon EC2, which was significantly cheaper than previously expected. The team's collision is used to create two different PDF files with the same SHA-1 fingerprint but chosen distinct visible contents, for instance two contracts with substantially different financial fees. Following the responsible disclosure process, the team will wait 90 days before releasing a PDF generator that will allow anyone to create lookalike PDF document pairs of their choice using the team's collision. To help prevent misuse by such forged PDF documents, the team offers a free online tool to scan for SHA-1 collisions in documents, which is based on Stevens' 2013 counter-cryptanalysis technique to detect whether any given single file has been created with a cryptanalytic collision attack. It can be found on: shatterered.io. The same protection for PDF documents is now automatic for Gmail and Google Drive users. To defend against SHA-1 collision attacks systems must migrate to SHA-2 or SHA-3. In the case of HTTPS, the effort to move from SHA-1 certificates to SHA-2 certificates began in 2015. And starting this year browsers will mark SHA-1 based certificates as insecure. Similarly, backup systems and document signatures systems should be transitioned to SHA-2. This result is the product of a long term collaboration between the Cryptology Group at Centrum Wiskunde & Informatica – the national research institute for mathematics and computer science in the Netherlands - and the Google Research Security, Privacy and Anti-abuse Group. Two years ago Marc Stevens and Elie Bursztein, leader of Google's anti-abuse research team, began collaborating on making Marc's cryptanalytic attacks against SHA-1 practical using Google infrastructure. Since then many CWI researchers and Googlers have helped make this project possible, including Pierre Karpman (CWI) who worked on the cryptanalysis and prototype GPU implementation, and from Google Ange Albertini who developed the PDF attack, Yarik Markov who took care of the distributed GPU code and Clement Blaisse who oversaw the reliability of the computations. More details about the SHA1 attack, how to detect it and the research paper detailing the attack is available at https://shattered.io. More information: For the research paper, please refer to shattered.io


News Article | February 24, 2017
Site: www.techtimes.com

Google has announced that it has cracked the Secured Hash Algorithm 1 (SHA-1) cryptographic function, marking a milestone that spells both danger and opportunity for the computing world. The unprecedented feat was achieved through the real-world collision attack on the cryptographic algorithm, which led to the production of two PDF files that contain similar SHA-1 signature. As a mathematical algorithm, the SHA-1 is capable of transforming a digital object into a hash or its representation. For example, if the algorithm is used to convert or verify an email signature, the SHA-1 will transform it into a string of 40 characters. The elaborate combination of numbers and the way SHA-1 attaches such strings into digital objects makes it an effective mechanism to authenticate digital files. Here, identical files can have the same SHA-1 hash but two different files cannot be identified with the same string of characters. However, that is what exactly the researchers at Google were able to achieve. With help from peers at CWI Institute in Amsterdam, they successfully created two different files with the same SHA-1 footprint. Google's successful breach is a critical security issue because the SHA-1 function is currently used in financial processes. Specifically, the algorithm is said to be still widely used to validate credit card transactions. It is also employed to verify electronic documents and software updates. "It is now practically possible to craft two colliding PDF files and obtain a SHA-1 digital signature on the first PDF file which can also be abused as a valid signature on the second PDF file," the webpage dedicated to the initiative explained. Google cited a specific example to demonstrate the breach's impact. When one creates a rental agreement that involves a digital signature, it is now possible for one of the parties to create another rental agreement with different clauses or provisions but with the same valid signature. To be fair, SHA-1, which was developed back in 1995, has already been labeled as unsafe. This was highlighted back in 2011 when the U.S. National Institute of Standards and Technology officially deprecated the algorithm especially in transactions conducted in federal agencies. Some companies have also followed suit especially after incidents involving the SHA-1 vulnerability affected even Apple. The algorithm was also partly blamed for the Dropbox hack that exposed 68 million user accounts. Again, many companies still use it even after such bans. For example, Mozilla has allowed Symantec last year to issue a SHA-1 certificate to Worldpay just to accommodate more than 10,000 payment terminals that have not been upgraded. These terminals were given the green light to communicate with servers that process consumer transactions. According to Google, many applications also still use the algorithm and it hopes that its practical attack will serve as an opportunity for the industry to adopt safer alternatives. In the meantime, you can protect yourself from risk by using Chrome for your transactions because the browser automatically treats those with SHA-1 certificates as insecure. © 2017 Tech Times, All rights reserved. Do not reproduce without permission.


News Article | March 1, 2017
Site: www.marketwired.com

NOT FOR DISTRIBUTION IN THE UNITED STATES OR OVER UNITED STATES NEWS WIRE SERVICES Crosswinds Holdings Inc. (TSX:CWI) ("Crosswinds" or the "Company") is pleased to announce that it has successfully completed its previously announced rights offering which expired on February 28, 2017 (the "Rights Offering"), raising total aggregate gross proceeds of $4,880,115. Crosswinds issued 3,904,092 common shares of the Company ("Common Shares") under the Rights Offering at a price of $1.25 per Common Share. To the knowledge of the Company, 1,839,372 Common Shares were issued to persons who were insiders before the Rights Offering under the basic subscription privilege. Also to the knowledge of the Company, 907,370 Common Shares were issued to all other persons under the basic subscription privilege and 1,157,350 Common Shares were issued to all such other persons under the additional subscription privilege. The Company's largest shareholder, CDJ Global Catalyst LLC, an entity controlled by Colin King, the CEO of Crosswinds, has advised that upon completion of the Rights Offering, it exercises control or direction over managed accounts representing an aggregate of approximately 52.3% of the issued and outstanding Common Shares of Crosswinds. To the knowledge of the Company, no person became an insider as a result of the Rights Offering. Crosswinds' CEO, Colin King, commented, "We are pleased with the result of the Rights Offering which achieved the articulated dual objectives for the Rights Offering: raising funds and enhancing liquidity by increasing shareholder distribution, all while minimizing dilution to existing shareholders." On completion of the Rights Offering, the total number of issued and outstanding shares of the Company is now 9,208,099. Other than a fee of $25,000 paid to Hybrid Financial to provide marketing and distribution support in connection with the Rights Offering, the Company did not pay any fees or commissions in connection with the distribution of securities in the Rights Offering. Crosswinds intends to use the available funds from the Rights Offering for general working capital purposes, to fund Crosswinds' reinsurance subsidiary, Crosswinds Re, and to explore InsurTech opportunities, however there may be circumstances where a reallocation of the available funds may be necessary. Crosswinds will reallocate funds only for sound business reasons, all as described in the rights offering circular filed on SEDAR at www.sedar.com. Crosswinds is a publicly traded private equity firm and asset manager targeting strategic and opportunistic investments in the financial services sector with a particular focus on the insurance industry. The securities described in this press release have not been and will not be registered under the United States Securities Act of 1933, as amended (the U.S. Securities Act), or the securities laws of any state of the "United States" (as defined in Regulation S under the U.S. Securities Act). This press release does not constitute an offer to sell or a solicitation of an offer to buy any securities within the United States, and securities may not be offered or sold in or into the United States or to U.S. persons unless registered under the 1933 Act and applicable state securities laws, or pursuant to an exemption from such registration requirements as described in the Rights offering circular. "United States" and "U.S. persons" are as defined in Regulation S under the 1933 Act. This release includes certain forward-looking statements. Forward-looking statements generally can be identified by the use of forward-looking terminology such as "may", "will", "expect", "intend", "estimate", "anticipate", "believe", "should", "plans" or "continue" or the negative thereof or variations thereon or similar terminology. Although the Company believes that the expectations reflected in such forward-looking statements are reasonable, it can give no assurance that such expectations will prove to be correct. These forward-looking statements are subject to a number of risks and uncertainties. Actual results could differ materially from those anticipated in these forward-looking statements. Reference should be made to the risk factors in the Company's most recent Annual Information Form, in the Management's Discussion and Analysis and in our other filings with Canadian securities regulators. Additional important factors that could cause actual results to differ materially from expectations include, among other things, general economic and market factors, competition, interest rates, tax related matters, loss of personnel, reliance on key personnel, ability of the Company to generate positive future returns for investors, ability of the Company to execute its strategies from time to time; and the receipt of any regulatory approvals or consents required from time to time.


Patent
University of Antwerp and Cwi | Date: 2012-10-30

A method for determining a projection angle for use in tomographic imaging comprises obtaining projection data including at least one projection view from at least one projection angle. The at least one projection view is generated by scanning a test object with a tomographic imaging device. Each projection view comprises at least one observation value obtained at least one detection location, providing a plurality of candidate projection angles, for each candidate projection angle, calculating a function value indicative of an amount of information that may be gained by adding to the projection data a further projection view generated by scanning of the test object with the tomographic imaging device from the candidate projection angle, and selecting a candidate projection angle from the plurality of candidate projection angles taking into account the function values. A corresponding system and computer program product also is provided.


Patent
University of Antwerp and Cwi | Date: 2012-07-17

A method for applying a filter component for an analytical tomographic reconstruction technique, e.g. filtered backprojection, used in tomographic comprises providing an algebraic reconstruction algorithm for reconstructing a spatial representation of a volume of interest from a projection data set. It thereby takes into account a geometry of the tomographic imaging. The method also comprises applying the algebraic reconstruction algorithm to a plurality of virtual projection data setscorresponding with a basis vector of a basis for the projection spaceto produce a plurality of reconstructed spatial representations and determining the filter component using the plurality of reconstructed spatial representations, and applying the filter. Applying the analytical reconstruction technique with the determined filter component may inherit beneficial properties from the algebraic reconstruction algorithm, e.g. versatility and robustness to noise, without incurring the associated computational cost.


Stevens M.,CWI
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013

The main contributions of this paper are two-fold. Firstly, we present a novel direction in the cryptanalysis of the cryptographic hash function SHA-1. Our work builds on previous cryptanalytic efforts on SHA-1 based on combinations of local collisions. Due to dependencies, previous approaches used heuristic corrections when combining the success probabilities and message conditions of the individual local collisions. Although this leads to success probabilities that are seemingly sufficient for feasible collision attacks, this approach most often does not lead to the maximum success probability possible as desired. We introduce novel techniques that enable us to determine the theoretical maximum success probability for a given set of (dependent) local collisions, as well as the smallest set of message conditions that attains this probability. We apply our new techniques and present an implemented open-source near-collision attack on SHA-1 with a complexity equivalent to 257.5 SHA-1 compressions. Secondly, we present an identical-prefix collision attack and a chosen-prefix collision attack on SHA-1 with complexities equivalent to approximately 2 61 and 277.1 SHA-1 compressions, respectively. © 2013 International Association for Cryptologic Research.


Martinez A.,CWI
IEEE Transactions on Information Theory | Year: 2011

Communication across an additive exponential noise (AEN) channel is studied. The AEN channel is derived from a continuous-time Gaussian channel by assuming decoherence between the signal and noise components. Decoherence renders impossible the use of the complex amplitude and information is transmitted by modulating the signal energy. The AEN channel is shown to perform closely-in terms of channel, information rate, and error probability of binary codes, including the use of bit-interleaved coded modulation-to an equivalent discrete-time Gaussian channel of identical signal-to-noise ratio. Constellations are designed for low signal-to-noise ratios, where the minimum energy per bit is not universally attained by all modulations, and for high signal-to-noise ratios, where an equiprobable nonuniform constellation 0.76 dB away from capacity is described. The multiple-access AEN channel is also considered: its capacity region coincides with that of the Gaussian equivalent; feedback does not, however, enlarge the capacity region. © 2011 IEEE.

Loading CWI collaborators
Loading CWI collaborators