Generic Secure Repair for Distributed Storage

This paper studies the problem of repairing secret sharing schemes, i.e., schemes that encode a message into $n$ shares, assigned to $n$ nodes, so that any $n-r$ nodes can decode the message but any colluding $z$ nodes cannot infer any information about the message. In the event of node failures so that shares held by the failed nodes are lost, the system needs to be repaired by reconstructing and reassigning the lost shares to the failed (or replacement) nodes. This can be achieved trivially by a trustworthy third-party that receives the shares of the available nodes, recompute and reassign the lost shares. The interesting question, studied in the paper, is how to repair without a trustworthy third-party. The main issue that arises is repair security: how to maintain the requirement that any colluding $z$ nodes, including the failed nodes, cannot learn any information about the message, during and after the repair process? We solve this secure repair problem from the perspective of secure multi-party computation. Specifically, we design generic repair schemes that can securely repair any (scalar or vector) linear secret sharing schemes. We prove a lower bound on the repair bandwidth of secure repair schemes and show that the proposed secure repair schemes achieve the optimal repair bandwidth up to a small constant factor when $n$ dominates $z$, or when the secret sharing scheme being repaired has optimal rate. We adopt a formal information-theoretic approach in our analysis and bounds. A main idea in our schemes is to allow a more flexible repair model than the straightforward one-round repair model implicitly assumed by existing secure regenerating codes. Particularly, the proposed secure repair schemes are simple and efficient two-round protocols

Optimal Query Complexity for Reconstructing Hypergraphs

In this paper we consider the problem of reconstructing a hidden weighted hypergraph of constant rank using additive queries. We prove the following: Let $G$ be a weighted hidden hypergraph of constant rank with n vertices and $m$ hyperedges. For any $m$ there exists a non-adaptive algorithm that finds the edges of the graph and their weights using $$O(\frac{m\log n}{\log m})$$ additive queries. This solves the open problem in [S. Choi, J. H. Kim. Optimal Query Complexity Bounds for Finding Graphs. {\em STOC}, 749--758,~2008]. When the weights of the hypergraph are integers that are less than $O(poly(n^d/m))$ where $d$ is the rank of the hypergraph (and therefore for unweighted hypergraphs) there exists a non-adaptive algorithm that finds the edges of the graph and their weights using $$O(\frac{m\log \frac{n^d}{m}}{\log m}).$$ additive queries. Using the information theoretic bound the above query complexities are tight

Securing state reconstruction under sensor and actuator attacks: Theory and design

This paper discusses the problem of reconstructing the state of a linear time invariant system when some of its actuators and sensors are compromised by an adversarial agent. In the model considered in this paper, the adversarial agent attacks an input (output) by manipulating its value arbitrarily, i.e., we impose no constraints (statistical or otherwise) on how control commands (sensor measurements) are changed by the adversary other than a bound on the number of attacked actuators and sensors In the first part of this paper, we introduce the notion of sparse strong observability and we show that is a necessary and sufficient condition for correctly reconstructing the state despite the considered attacks. In the second half of this work, we propose an observer to harness the complexity of this intrinsically combinatorial problem, by leveraging satisfiability modulo theory solving. Numerical simulations illustrate the effectiveness and scalability of our observer

Criminal law as a security project

This paper asks how criminal might be understood as a security project. Following Valverde’s lead, it does this not by trying to define the concept of security, but by looking at the operation of the temporal and spatial logics of the criminal law. It looks first at the basic logics of time and space in conceptions of criminal liability and jurisdiction, before reviewing some recent developments which challenge these practices and what these might mean for criminal law as a security project

A spin glass model for reconstructing nonlinearly encrypted signals corrupted by noise

An encryption of a signal ${\bf s}\in\mathbb{R^N}$ is a random mapping ${\bf s}\mapsto \textbf{y}=(y_1,\ldots,y_M)^T\in \mathbb{R}^M$ which can be corrupted by an additive noise. Given the Encryption Redundancy Parameter (ERP) $\mu=M/N\ge 1$, the signal strength parameter $R=\sqrt{\sum_i s_i^2/N}$, and the ('bare') noise-to-signal ratio (NSR) $\gamma\ge 0$, we consider the problem of reconstructing ${\bf s}$ from its corrupted image by a Least Square Scheme for a certain class of random Gaussian mappings. The problem is equivalent to finding the configuration of minimal energy in a certain version of spherical spin glass model, with squared Gaussian-distributed random potential. We use the Parisi replica symmetry breaking scheme to evaluate the mean overlap $p_{\infty}\in [0,1]$ between the original signal and its recovered image (known as 'estimator') as $N\to \infty$, which is a measure of the quality of the signal reconstruction. We explicitly analyze the general case of linear-quadratic family of random mappings and discuss the full $p_{\infty} (\gamma)$ curve. When nonlinearity exceeds a certain threshold but redundancy is not yet too big, the replica symmetric solution is necessarily broken in some interval of NSR. We show that encryptions with a nonvanishing linear component permit reconstructions with $p_{\infty}>0$ for any $\mu>1$ and any $\gamma<\infty$, with $p_{\infty}\sim \gamma^{-1/2}$ as $\gamma\to \infty$. In contrast, for the case of purely quadratic nonlinearity, for any ERP $\mu>1$ there exists a threshold NSR value $\gamma_c(\mu)$ such that $p_{\infty}=0$ for $\gamma>\gamma_c(\mu)$ making the reconstruction impossible. The behaviour close to the threshold is given by $p_{\infty}\sim (\gamma_c-\gamma)^{3/4}$ and is controlled by the replica symmetry breaking mechanism.Comment: 33 pages, 5 figure