
    More is Less: Perfectly Secure Oblivious Algorithms in the Multi-Server Setting

    The problem of Oblivious RAM (ORAM) has traditionally been studied in a single-server setting, but more recently the multi-server setting has also been considered. Yet it is still unclear whether the multi-server setting has any inherent advantages, e.g., whether the multi-server setting can be used to achieve stronger security goals or provably better efficiency than is possible in the single-server case. In this work, we construct a perfectly secure 3-server ORAM scheme that outperforms the best known single-server scheme by a logarithmic factor. In the process, we also show, for the first time, that there exist specific algorithms for which multiple servers can overcome known lower bounds in the single-server setting. Comment: 36 pages, Accepted in Asiacrypt 201

    Exact and fixed-parameter algorithms for metro-line crossing minimization problems

    A metro-line crossing minimization problem is to draw multiple lines on an underlying graph that models stations and rail tracks so that the number of crossings between lines is minimized. It has several variations obtained by adding restrictions on how lines are drawn. Among those is one with the restriction that line terminals have to be drawn at the edge of a station, and it is known to be NP-hard even when the underlying graphs are paths. This paper studies the problem in this setting and proposes new exact algorithms. We first show that the problem of deciding whether lines can be drawn without crossings can be solved in polynomial time, and propose a fast exponential algorithm for the crossing minimization problem. We then propose a fixed-parameter algorithm with respect to the multiplicity of lines, which implies that the problem is FPT. Comment: 19 pages, 15 figures

    DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization

    Recent research has demonstrated that Intel's SGX is vulnerable to various software-based side-channel attacks. In particular, attacks that monitor CPU caches shared between the victim enclave and untrusted software enable accurate leakage of secret enclave data. Known defenses assume developer assistance, require hardware changes, impose high overhead, or prevent only some of the known attacks. In this paper we propose data location randomization as a novel defensive approach to address the threat of side-channel attacks. Our main goal is to break the link between the cache observations made by the privileged adversary and the actual data accesses made by the victim. We design and implement a compiler-based tool called DR.SGX that instruments enclave code such that data locations are permuted at the granularity of cache lines. We realize the permutation with the CPU's cryptographic hardware-acceleration units, which provide secure randomization. To prevent correlation of repeated memory accesses we continuously re-randomize all enclave data during execution. Our solution effectively protects many (but not all) enclaves from cache attacks and provides a complementary enclave hardening technique that is especially useful against unpredictable information leakage.
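    The two properties the abstract above relies on, permuting data at cache-line granularity and re-randomizing continuously so that repeated accesses cannot be correlated, can be seen in a toy simulation. The following is an added illustration, not code from DR.SGX or its authors: it assumes a 16-line lookup table indexed by a secret, models the cache-monitoring adversary as seeing exactly which physical line is touched, and uses a CSPRNG-driven Fisher-Yates shuffle in place of the CPU crypto units the paper uses for randomization. Three layouts are compared: the unmodified one, a permutation fixed once at load time, and a layout re-shuffled after every access.

```python
import secrets

LINES = 16  # cache lines backing a secret-indexed lookup table (toy size, assumed)


class Layout:
    """Maps a logical cache-line index to the physical line an adversary sees.

    mode:
      "fixed"         - no randomization: physical == logical
      "static_random" - one secret permutation chosen when the enclave starts
      "rerandomized"  - a fresh permutation after every single access
    """

    def __init__(self, mode):
        assert mode in ("fixed", "static_random", "rerandomized")
        self.mode = mode
        self.perm = list(range(LINES))
        if mode != "fixed":
            self._shuffle()

    def _shuffle(self):
        # Fisher-Yates driven by a CSPRNG; stands in for the hardware-backed
        # randomization the paper describes (this is the simulation's choice).
        for i in range(LINES - 1, 0, -1):
            j = secrets.randbelow(i + 1)
            self.perm[i], self.perm[j] = self.perm[j], self.perm[i]

    def access(self, logical_index):
        """Victim reads table[logical_index]; return the physical line touched,
        which is all a cache-monitoring adversary (Prime+Probe style) learns."""
        observed = self.perm[logical_index]
        if self.mode == "rerandomized":
            self._shuffle()  # continuous re-randomization after each access
        return observed


def value_leak_rate(mode, trials=1000):
    """Adversary who knows the compile-time layout and reads the secret
    directly off the observed line. Returns the fraction of correct reads."""
    layout = Layout(mode)
    hits = 0
    for _ in range(trials):
        secret = secrets.randbelow(LINES)
        hits += layout.access(secret) == secret
    return hits / trials


def equality_leak_rate(mode, trials=1000):
    """Adversary who does NOT know the permutation but correlates accesses:
    infers 'same secret' whenever the same physical line is touched twice.
    Both accesses really do use the same secret, so the return value is how
    often that inference is right; a static permutation still leaks this."""
    layout = Layout(mode)
    hits = 0
    for _ in range(trials):
        secret = secrets.randbelow(LINES)
        hits += layout.access(secret) == layout.access(secret)
    return hits / trials


if __name__ == "__main__":
    for mode in ("fixed", "static_random", "rerandomized"):
        print(f"{mode:14s} value leak: {value_leak_rate(mode):.3f}  "
              f"equality leak: {equality_leak_rate(mode):.3f}")
```

    With the fixed layout both rates are 1.0. A permutation chosen once hides the value but still leaks equality of secrets across accesses with certainty, which is the correlation the abstract says re-randomization is there to break; with per-access re-shuffling both rates fall to chance (1/16 here). The model deliberately ignores the cost and the timing footprint of the permutation itself, which is part of why the paper claims protection for many but not all enclaves.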

    Native metaheuristics for non-permutation flowshop scheduling

    The most general flowshop scheduling problem is also referred to in the literature as the non-permutation flowshop (NPFS). Current processors are able to cope with the combinatorial complexity of (n!)^m NPFS scheduling by metaheuristics. After briefly discussing the requirements for a manufacturing layout to be designed and modeled as a non-permutation flowshop, a disjunctive graph (digraph) approach is used to build native solutions. The implementation of an Ant Colony Optimization (ACO) algorithm is described in detail; it is shown how the biologically inspired mechanisms produce eligible schedules directly, as opposed to most metaheuristic approaches, which improve permutation solutions. ACO algorithms are an example of native non-permutation (NNP) solutions to the flowshop scheduling problem, opening a new perspective on building purely native approaches. The proposed NNP-ACO has been assessed against existing native approaches, improving most makespan upper bounds of the benchmark problems from Demirkol et al. (1998).

    Barrel Shifter Physical Unclonable Function Based Encryption

    Physical Unclonable Functions (PUFs) are circuits designed to extract physical randomness from the underlying silicon. This randomness depends on the manufacturing process and differs for each device, enabling chip-level authentication and key generation applications. We present a protocol utilizing a PUF for secure data transmission. Each party has a PUF used for encryption and decryption; this is facilitated by constraining the PUF to be commutative. The framework is evaluated with a primitive permutation network, a barrel shifter. The barrel shifter (BS) PUF captures the delay of the different shift paths as its physical randomness, and this delay is entangled with the message bits before they are sent across an insecure channel. The BS-PUF is implemented using transmission gates; their characteristics ensure same-chip reproducibility, a necessary property of PUFs. Post-layout simulations of a common-centroid layout 8-level barrel shifter in 0.13 µm technology assess the uniqueness, stability and randomness properties. BS-PUFs pass all selected NIST statistical randomness tests. Stability similar to Ring Oscillator (RO) PUFs under environmental variation is shown. Logistic regression over 100,000 plaintext-ciphertext pairs (PCPs) failed to model BS-PUF behavior.

    Line-distortion, Bandwidth and Path-length of a graph

    We investigate the minimum line-distortion and the minimum bandwidth problems on unweighted graphs and their relations with the minimum length of a Robertson-Seymour path-decomposition. The length of a path-decomposition of a graph is the largest diameter of a bag in the decomposition. The path-length of a graph is the minimum length over all its path-decompositions. In particular, we show:
    - if a graph G can be embedded into the line with distortion k, then G admits a Robertson-Seymour path-decomposition with bags of diameter at most k in G;
    - for every class of graphs with path-length bounded by a constant, there exists an efficient constant-factor approximation algorithm for the minimum line-distortion problem and an efficient constant-factor approximation algorithm for the minimum bandwidth problem;
    - there is an efficient 2-approximation algorithm for computing the path-length of an arbitrary graph;
    - AT-free graphs and some intersection families of graphs have path-length at most 2;
    - for AT-free graphs, there exist a linear-time 8-approximation algorithm for the minimum line-distortion problem and a linear-time 4-approximation algorithm for the minimum bandwidth problem.