LightBox: Full-stack Protected Stateful Middlebox at Lightning Speed

Running off-site software middleboxes at third-party service providers has been a popular practice. However, routing large volumes of raw traffic, which may carry sensitive information, to a remote site for processing raises severe security concerns. Prior solutions often abstract away important factors pertinent to real-world deployment. In particular, they overlook the significance of metadata protection and stateful processing. Unprotected traffic metadata like low-level headers, size and count, can be exploited to learn supposedly encrypted application contents. Meanwhile, tracking the states of 100,000s of flows concurrently is often indispensable in production-level middleboxes deployed at real networks. We present LightBox, the first system that can drive off-site middleboxes at near-native speed with stateful processing and the most comprehensive protection to date. Built upon commodity trusted hardware, Intel SGX, LightBox is the product of our systematic investigation of how to overcome the inherent limitations of secure enclaves using domain knowledge and customization. First, we introduce an elegant virtual network interface that allows convenient access to fully protected packets at line rate without leaving the enclave, as if from the trusted source network. Second, we provide complete flow state management for efficient stateful processing, by tailoring a set of data structures and algorithms optimized for the highly constrained enclave space. Extensive evaluations demonstrate that LightBox, with all security benefits, can achieve 10Gbps packet I/O, and that with case studies on three stateful middleboxes, it can operate at near-native speed.Comment: Accepted at ACM CCS 201

Super cavity solitons and the coexistence of multiple nonlinear states in a tristable passive Kerr resonator

Passive Kerr cavities driven by coherent laser fields display a rich landscape of nonlinear physics, including bistability, pattern formation, and localised dissipative structures (solitons). Their conceptual simplicity has for several decades offered an unprecedented window into nonlinear cavity dynamics, providing insights into numerous systems and applications ranging from all-optical memory devices to microresonator frequency combs. Yet despite the decades of study, a recent theoretical study has surprisingly alluded to an entirely new and unexplored paradigm in the regime where nonlinearly tilted cavity resonances overlap with one another [T. Hansson and S. Wabnitz, J. Opt. Soc. Am. B 32, 1259 (2015)]. We have used synchronously driven fiber ring resonators to experimentally access this regime, and observed the rise of new nonlinear dissipative states. Specifically, we have observed, for the first time to the best of our knowledge, the stable coexistence of dissipative (cavity) solitons and extended modulation instability (Turing) patterns, and performed real time measurements that unveil the dynamics of the ensuing nonlinear structures. When operating in the regime of continuous wave tristability, we have further observed the coexistence of two distinct cavity soliton states, one of which can be identified as a "super" cavity soliton as predicted by Hansson and Wabnitz. Our experimental findings are in excellent agreement with theoretical analyses and numerical simulations of the infinite-dimensional Ikeda map that governs the cavity dynamics. The results from our work reveal that experimental systems can support complex combinations of distinct nonlinear states, and they could have practical implications to future microresonator-based frequency comb sources.Comment: 13 pages, 6 figure

Three-dimensional alpha shapes

Frequently, data in scientific computing is in its abstract form a finite point set in space, and it is sometimes useful or required to compute what one might call the ``shape'' of the set. For that purpose, this paper introduces the formal notion of the family of $\alpha$-shapes of a finite point set in \Real^3. Each shape is a well-defined polytope, derived from the Delaunay triangulation of the point set, with a parameter \alpha \in \Real controlling the desired level of detail. An algorithm is presented that constructs the entire family of shapes for a given set of size $n$ in time $O(n^2)$, worst case. A robust implementation of the algorithm is discussed and several applications in the area of scientific computing are mentioned.Comment: 32 page

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

Disk Heating, Galactoseismology, and the Formation of Stellar Halos

Deep photometric surveys of the Milky Way have revealed diffuse structures encircling our Galaxy far beyond the "classical" limits of the stellar disk. This paper reviews results from our own and other observational programs, which together suggest that, despite their extreme positions, the stars in these structures were formed in our Galactic disk. Mounting evidence from recent observations and simulations implies kinematic connections between several of these distinct structures. This suggests the existence of collective disk oscillations that can plausibly be traced all the way to asymmetries seen in the stellar velocity distribution around the Sun. There are multiple interesting implications of these findings: they promise new perspectives on the process of disk heating, they provide direct evidence for a stellar halo formation mechanism in addition to the accretion and disruption of satellite galaxies, and, they motivate searches of current and near-future surveys to trace these oscillations across the Galaxy. Such maps could be used as dynamical diagnostics in the emerging field of "Galactoseismology", which promises to model the history of interactions between the Milky Way and its entourage of satellites, as well examine the density of our dark matter halo. As sensitivity to very low surface brightness features around external galaxies increases, many more examples of such disk oscillations will likely be identified. Statistical samples of such features not only encode detailed information about interaction rates and mergers, but also about long sought-after dark matter halo densities and shapes. Models for the Milky Way's own Galactoseismic history will therefore serve as a critical foundation for studying the weak dynamical interactions of galaxies across the universe.Comment: 20 pages, 5 figures, accepted in for publication in a special edition of the journal "Galaxies", reporting the proceedings of the conference "On the Origin (and Evolution) of Baryonic Galaxy Halos", Puerto Ayora, Ecuador, March 13-17 2017, Eds. Duncan A. Forbes and Ericson D. Lope

Ionospheric Multi-Spacecraft Analysis Tools

This open access book provides a comprehensive toolbox of analysis techniques for ionospheric multi-satellite missions. The immediate need for this volume was motivated by the ongoing ESA Swarm satellite mission, but the tools that are described are general and can be used for any future ionospheric multi-satellite mission with comparable instrumentation. In addition to researching the immediate plasma environment and its coupling to other regions, such a mission aims to study the Earth’s main magnetic field and its anomalies caused by core, mantle, or crustal sources. The parameters for carrying out this kind of work are examined in these chapters. Besides currents, electric fields, and plasma convection, these parameters include ionospheric conductance, Joule heating, neutral gas densities, and neutral winds.

Quantum entanglement in photosynthetic light harvesting complexes

Light harvesting components of photosynthetic organisms are complex, coupled, many-body quantum systems, in which electronic coherence has recently been shown to survive for relatively long time scales despite the decohering effects of their environments. Within this context, we analyze entanglement in multi-chromophoric light harvesting complexes, and establish methods for quantification of entanglement by presenting necessary and sufficient conditions for entanglement and by deriving a measure of global entanglement. These methods are then applied to the Fenna-Matthews-Olson (FMO) protein to extract the initial state and temperature dependencies of entanglement. We show that while FMO in natural conditions largely contains bipartite entanglement between dimerized chromophores, a small amount of long-range and multipartite entanglement exists even at physiological temperatures. This constitutes the first rigorous quantification of entanglement in a biological system. Finally, we discuss the practical utilization of entanglement in densely packed molecular aggregates such as light harvesting complexes.Comment: 14 pages, 7 figures. Improved presentation, published versio