4,460 research outputs found
Multi-Stage Group Key Distribution and PAKEs: Securing Zoom Groups against Malicious Servers without New Security Elements
Video conferencing apps like Zoom have hundreds of millions of daily users, making them a high-value target for surveillance and subversion. While such apps claim to achieve some forms of end-to-end encryption, they usually assume an incorruptible server that is able to identify and authenticate all the parties in a meeting. Concretely this means that, e.g., even when using the “end-to-end encrypted” setting, malicious Zoom servers could eavesdrop or impersonate in arbitrary groups.
In this work, we show how security against malicious servers can be improved by changing the way in which such protocols use passwords (known as passcodes in Zoom) and integrating
a password-authenticated key exchange (PAKE) protocol.
To formally prove that our approach achieves its goals, we
formalize a class of cryptographic protocols suitable for this setting, and define a basic security notion for them, in which group security can be achieved assuming the server is trusted to correctly authorize the group members. We prove that Zoom indeed meets this notion. We then propose a stronger security notion that can provide security against malicious servers, and propose a transformation that can achieve this notion. We show how we can apply our transformation to Zoom to provably achieve stronger security against malicious servers, notably without introducing new security elements
Microservices and serverless functions – lifecycle, performance, and resource utilisation of edge based real-time IoT analytics
Edge Computing harnesses resources close to the data sources to reduce end-to-end latency and allow real-time process automation for verticals such as Smart City, Healthcare and Industry 4.0. Edge resources are limited when compared to traditional Cloud data centres; hence the choice of proper resource management strategies in this context becomes paramount. Microservice and Function as a Service architectures support modular and agile patterns, compared to a monolithic design, through lightweight containerisation, continuous integration / deployment and scaling. The advantages brought about by these technologies may initially seem obvious, but we argue that their usage at the Edge deserves a more in-depth evaluation. By analysing both the software development and deployment lifecycle, along with performance and resource utilisation, this paper explores microservices and two alternative types of serverless functions to build edge real-time IoT analytics. In the experiments comparing these technologies, microservices generally exhibit slightly better end-to-end processing latency and resource utilisation than serverless functions. One of the serverless functions and the microservices excel at handling larger data streams with auto-scaling. Whilst serverless functions natively offer this feature, the choice of container orchestration framework may determine its availability for microservices. The other serverless function, while supporting a simpler lifecycle, is more suitable for low-invocation scenarios and faces challenges with parallel requests and inherent overhead, making it less suitable for real-time processing in demanding IoT settings
Language Design for Reactive Systems: On Modal Models, Time, and Object Orientation in Lingua Franca and SCCharts
Reactive systems play a crucial role in the embedded domain. They continuously interact with their environment, handle concurrent operations, and are commonly expected to provide deterministic behavior to enable application in safety-critical systems. In this context, language design is a key aspect, since carefully tailored language constructs can aid in addressing the challenges faced in this domain, as illustrated by the various concurrency models that prevent the known pitfalls of regular threads. Today, many languages exist in this domain and often provide unique characteristics that make them specifically fit for certain use cases. This thesis evolves around two distinctive languages: the actor-oriented polyglot coordination language Lingua Franca and the synchronous statecharts dialect SCCharts. While they take different approaches in providing reactive modeling capabilities, they share clear similarities in their semantics and complement each other in design principles. This thesis analyzes and compares key design aspects in the context of these two languages. For three particularly relevant concepts, it provides and evaluates lean and seamless language extensions that are carefully aligned with the fundamental principles of the underlying language. Specifically, Lingua Franca is extended toward coordinating modal behavior, while SCCharts receives a timed automaton notation with an efficient execution model using dynamic ticks and an extension toward the object-oriented modeling paradigm
Assessing the Role and Regulatory Impact of Digital Assets in Decentralizing Finance
This project will explore the development of decentralized financial (DeFi) markets since the first introduction of digital assets created through the application of a form of distributed ledger technology (DLT), known as blockchain, in 2008. More specifically, a qualitative inquiry of the role of digital assets in relation to traditional financial markets infrastructure will be conducted in order to answer the following questions:
(i) can the digital asset and decentralized financial markets examined in this thesis co-exist with traditional assets and financial markets, and, if so,
(ii) are traditional or novel forms of regulation (whether financial or otherwise) needed or desirable for the digital asset and decentralized financial markets examined herein?
The aim of this project will be to challenge a preliminary hypothesis that traditional and decentralized finance can be compatible; provided, that governments and other centralized authorities approach market innovations as an opportunity to improve existing monetary infrastructure and delivery of financial services (both in the public and private sector), rather than as an existential threat. Thus, this thesis seeks to establish that, through collaborating with private markets to identify the public good to which DeFi markets contribute, the public sector can foster an appropriate environment which is both promotive and protective of the public interest without unduly stifling innovation and progress
A Framework for Resilient, Transparent, High-throughput, Privacy-Enabled Central Bank Digital Currencies
Central Bank Digital Currencies refer to the digitization of lifecycle\u27s of central bank money in a way that meets first of a kind requirements for transparency in transaction processing, interoperability with legacy or new world, and resilience that goes beyond the traditional crash fault tolerant model. This comes in addition to legacy system requirements for privacy and regulation compliance, that may differ from central bank to central bank.
This paper introduces a novel framework for Central Bank Digital Currency settlement that outputs a system of record---acting a a trusted source of truth serving interoperation, and dispute resolution/fraud detection needs---, and brings together resilience in the event of parts of the system being compromised, with throughput comparable to crash-fault tolerant systems. Our system further exhibits agnosticity of the exact cryptographic protocol adopted for meeting privacy, compliance and transparency objectives, while ensuring compatibility with the existing protocols in the literature. For the latter, performance is architecturally guaranteed to scale horizontally. We evaluated our system\u27s performance using an enhanced version of Hyperledger Fabric, showing how a throughput of >100K TPS can be supported even with computation-heavy privacy-preserving protocols are in place
Backpropagation Beyond the Gradient
Automatic differentiation is a key enabler of deep learning: previously, practitioners were limited to models
for which they could manually compute derivatives. Now, they can create sophisticated models with almost
no restrictions and train them using first-order, i. e. gradient, information. Popular libraries like PyTorch
and TensorFlow compute this gradient efficiently, automatically, and conveniently with a single line of
code. Under the hood, reverse-mode automatic differentiation, or gradient backpropagation, powers the
gradient computation in these libraries. Their entire design centers around gradient backpropagation.
These frameworks are specialized around one specific task—computing the average gradient in a mini-batch.
This specialization often complicates the extraction of other information like higher-order statistical moments
of the gradient, or higher-order derivatives like the Hessian. It limits practitioners and researchers to methods
that rely on the gradient. Arguably, this hampers the field from exploring the potential of higher-order
information and there is evidence that focusing solely on the gradient has not lead to significant recent
advances in deep learning optimization.
To advance algorithmic research and inspire novel ideas, information beyond the batch-averaged gradient
must be made available at the same level of computational efficiency, automation, and convenience.
This thesis presents approaches to simplify experimentation with rich information beyond the gradient
by making it more readily accessible. We present an implementation of these ideas as an extension to the
backpropagation procedure in PyTorch. Using this newly accessible information, we demonstrate possible use
cases by (i) showing how it can inform our understanding of neural network training by building a diagnostic
tool, and (ii) enabling novel methods to efficiently compute and approximate curvature information.
First, we extend gradient backpropagation for sequential feedforward models to Hessian backpropagation
which enables computing approximate per-layer curvature. This perspective unifies recently proposed block-
diagonal curvature approximations. Like gradient backpropagation, the computation of these second-order
derivatives is modular, and therefore simple to automate and extend to new operations.
Based on the insight that rich information beyond the gradient can be computed efficiently and at the
same time, we extend the backpropagation in PyTorch with the BackPACK library. It provides efficient and
convenient access to statistical moments of the gradient and approximate curvature information, often at a
small overhead compared to computing just the gradient.
Next, we showcase the utility of such information to better understand neural network training. We build
the Cockpit library that visualizes what is happening inside the model during training through various
instruments that rely on BackPACK’s statistics. We show how Cockpit provides a meaningful statistical
summary report to the deep learning engineer to identify bugs in their machine learning pipeline, guide
hyperparameter tuning, and study deep learning phenomena.
Finally, we use BackPACK’s extended automatic differentiation functionality to develop ViViT, an approach
to efficiently compute curvature information, in particular curvature noise. It uses the low-rank structure
of the generalized Gauss-Newton approximation to the Hessian and addresses shortcomings in existing
curvature approximations. Through monitoring curvature noise, we demonstrate how ViViT’s information
helps in understanding challenges to make second-order optimization methods work in practice.
This work develops new tools to experiment more easily with higher-order information in complex deep
learning models. These tools have impacted works on Bayesian applications with Laplace approximations,
out-of-distribution generalization, differential privacy, and the design of automatic differentia-
tion systems. They constitute one important step towards developing and establishing more efficient deep
learning algorithms
LIPIcs, Volume 251, ITCS 2023, Complete Volume
LIPIcs, Volume 251, ITCS 2023, Complete Volum
Multi-Factor Key Derivation Function (MFKDF) for Fast, Flexible, Secure, & Practical Key Management
We present the first general construction of a Multi-Factor Key Derivation
Function (MFKDF). Our function expands upon password-based key derivation
functions (PBKDFs) with support for using other popular authentication factors
like TOTP, HOTP, and hardware tokens in the key derivation process. In doing
so, it provides an exponential security improvement over PBKDFs with less than
12 ms of additional computational overhead in a typical web browser. We further
present a threshold MFKDF construction, allowing for client-side key recovery
and reconstitution if a factor is lost. Finally, by "stacking" derived keys, we
provide a means of cryptographically enforcing arbitrarily specific key
derivation policies. The result is a paradigm shift toward direct cryptographic
protection of user data using all available authentication factors, with no
noticeable change to the user experience. We demonstrate the ability of our
solution to not only significantly improve the security of existing systems
implementing PBKDFs, but also to enable new applications where PBKDFs would not
be considered a feasible approach.Comment: To appear in USENIX Security '2
Probabilistic inverse optimal control with local linearization for non-linear partially observable systems
Inverse optimal control methods can be used to characterize behavior in
sequential decision-making tasks. Most existing work, however, requires the
control signals to be known, or is limited to fully-observable or linear
systems. This paper introduces a probabilistic approach to inverse optimal
control for stochastic non-linear systems with missing control signals and
partial observability that unifies existing approaches. By using an explicit
model of the noise characteristics of the sensory and control systems of the
agent in conjunction with local linearization techniques, we derive an
approximate likelihood for the model parameters, which can be computed within a
single forward pass. We evaluate our proposed method on stochastic and
partially observable version of classic control tasks, a navigation task, and a
manual reaching task. The proposed method has broad applicability, ranging from
imitation learning to sensorimotor neuroscience
DiffBlender: Scalable and Composable Multimodal Text-to-Image Diffusion Models
The recent progress in diffusion-based text-to-image generation models has
significantly expanded generative capabilities via conditioning the text
descriptions. However, since relying solely on text prompts is still
restrictive for fine-grained customization, we aim to extend the boundaries of
conditional generation to incorporate diverse types of modalities, e.g.,
sketch, box, and style embedding, simultaneously. We thus design a multimodal
text-to-image diffusion model, coined as DiffBlender, that achieves the
aforementioned goal in a single model by training only a few small
hypernetworks. DiffBlender facilitates a convenient scaling of input
modalities, without altering the parameters of an existing large-scale
generative model to retain its well-established knowledge. Furthermore, our
study sets new standards for multimodal generation by conducting quantitative
and qualitative comparisons with existing approaches. By diversifying the
channels of conditioning modalities, DiffBlender faithfully reflects the
provided information or, in its absence, creates imaginative generation.Comment: 18 pages, 16 figures, and 3 table
- …