More is Less: Perfectly Secure Oblivious Algorithms in the Multi-Server Setting
The problem of Oblivious RAM (ORAM) has traditionally been studied in a
single-server setting, but more recently the multi-server setting has also been
considered. Yet it is still unclear whether the multi-server setting has any
inherent advantages, e.g., whether the multi-server setting can be used to
achieve stronger security goals or provably better efficiency than is possible
in the single-server case.
In this work, we construct a perfectly secure 3-server ORAM scheme that
outperforms the best known single-server scheme by a logarithmic factor. In the
process, we also show, for the first time, that there exist specific algorithms
for which multiple servers can overcome known lower bounds in the single-server
setting.
Comment: 36 pages, Accepted in Asiacrypt 201
Exact and fixed-parameter algorithms for metro-line crossing minimization problems
A metro-line crossing minimization problem is to draw multiple lines on an
underlying graph that models stations and rail tracks so that the number of
crossings of lines becomes minimum. It has several variations by adding
restrictions on how lines are drawn. Among those, there is one with a
restriction that line terminals have to be drawn at a verge of a station, and
it is known to be NP-hard even when underlying graphs are paths. This paper
studies the problem in this setting and proposes new exact algorithms. We first
show that the problem of deciding whether lines can be drawn without crossings
can be solved in polynomial time, and propose a fast exponential algorithm for
the crossing minimization problem. We then propose a fixed-parameter algorithm
with respect to the multiplicity of lines, which implies that the problem is FPT.
Comment: 19 pages, 15 figure
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization
Recent research has demonstrated that Intel's SGX is vulnerable to various
software-based side-channel attacks. In particular, attacks that monitor CPU
caches shared between the victim enclave and untrusted software enable accurate
leakage of secret enclave data. Known defenses assume developer assistance,
require hardware changes, impose high overhead, or prevent only some of the
known attacks. In this paper we propose data location randomization as a novel
defensive approach to address the threat of side-channel attacks. Our main goal
is to break the link between the cache observations by the privileged adversary
and the actual data accesses by the victim. We design and implement a
compiler-based tool called DR.SGX that instruments enclave code such that data
locations are permuted at the granularity of cache lines. We realize the
permutation with the CPU's cryptographic hardware-acceleration units providing
secure randomization. To prevent correlation of repeated memory accesses we
continuously re-randomize all enclave data during execution. Our solution
effectively protects many (but not all) enclaves from cache attacks and
provides a complementary enclave hardening technique that is especially useful
against unpredictable information leakage.
Native metaheuristics for non-permutation flowshop scheduling
The most general flowshop scheduling problem is also addressed in the literature as non-permutation flowshop
(NPFS). Current processors are able to cope with the combinatorial complexity of (n!)^m NPFS scheduling by
metaheuristics. After briefly discussing the requirements for a manufacturing layout to be designed and
modeled as non-permutation flowshop, a disjunctive graph (digraph) approach is used to build native
solutions. The implementation of an Ant Colony Optimization (ACO) algorithm has been described in detail;
it has been shown how the biologically inspired mechanisms produce eligible schedules, as opposed to most
metaheuristics approaches, which improve permutation solutions. ACO algorithms are an example of native
non-permutation (NNP) solutions of the flowshop scheduling problem, opening a new perspective on building
purely native approaches. The proposed NNP-ACO has been assessed against existing native approaches,
improving most makespan upper bounds of the benchmark problems from Demirkol et al. (1998).
Barrel Shifter Physical Unclonable Function Based Encryption
Physical Unclonable Functions (PUFs) are circuits designed to extract
physical randomness from the underlying circuit. This randomness depends on the
manufacturing process. It differs for each device enabling chip-level
authentication and key generation applications. We present a protocol utilizing
a PUF for secure data transmission. Parties each have a PUF used for encryption
and decryption; this is facilitated by constraining the PUF to be commutative.
This framework is evaluated with a primitive permutation network - a barrel
shifter. Physical randomness is derived from the delay of different shift
paths, which the barrel shifter (BS) PUF captures.
This delay is entangled with message bits before they are sent across an
insecure channel. BS-PUF is implemented using transmission gates; their
characteristics ensure same-chip reproducibility, a necessary property of PUFs.
Post-layout simulations of a common centroid layout 8-level barrel shifter in
0.13 µm technology assess uniqueness, stability and randomness properties.
BS-PUFs pass all selected NIST statistical randomness tests. Stability similar
to Ring Oscillator (RO) PUFs under environment variation is shown. Logistic
regression of 100,000 plaintext-ciphertext pairs (PCPs) failed to successfully
model BS-PUF behavior.
Line-distortion, Bandwidth and Path-length of a graph
We investigate the minimum line-distortion and the minimum bandwidth problems
on unweighted graphs and their relations with the minimum length of a
Robertson-Seymour's path-decomposition. The length of a path-decomposition of a
graph is the largest diameter of a bag in the decomposition. The path-length of
a graph is the minimum length over all its path-decompositions. In particular,
we show:
- if a graph can be embedded into the line with distortion , then
admits a Robertson-Seymour's path-decomposition with bags of diameter at most
in ;
- for every class of graphs with path-length bounded by a constant, there
exists an efficient constant-factor approximation algorithm for the minimum
line-distortion problem and an efficient constant-factor approximation
algorithm for the minimum bandwidth problem;
- there is an efficient 2-approximation algorithm for computing the
path-length of an arbitrary graph;
- AT-free graphs and some intersection families of graphs have path-length at
most 2;
- for AT-free graphs, there exists a linear time 8-approximation algorithm for
the minimum line-distortion problem and a linear time 4-approximation algorithm
for the minimum bandwidth problem;
- …