Security against individual attacks for realistic quantum key distribution

I prove the security of quantum key distribution against individual attacks for realistic signals sources, including weak coherent pulses and downconversion sources. The proof applies to the BB84 protocol with the standard detection scheme (no strong reference pulse). I obtain a formula for the secure bit rate per time slot of an experimental setup which can be used to optimize the performance of existing schemes for the considered scenario.Comment: 10 pages, 4 figure

Adaptive real time selection for quantum key distribution in lossy and turbulent free-space channels

The unconditional security in the creation of cryptographic keys obtained by quantum key distribution (QKD) protocols will induce a quantum leap in free-space communication privacy in the same way that we are beginning to realize secure optical fiber connections. However, free-space channels, in particular those with long links and the presence of atmospheric turbulence, are affected by losses, fluctuating transmissivity, and background light that impair the conditions for secure QKD. Here we introduce a method to contrast the atmospheric turbulence in QKD experiments. Our adaptive real time selection (ARTS) technique at the receiver is based on the selection of the intervals with higher channel transmissivity. We demonstrate, using data from the Canary Island 143-km free-space link, that conditions with unacceptable average quantum bit error rate which would prevent the generation of a secure key can be used once parsed according to the instantaneous scintillation using the ARTS technique

The Practice of Telecommuting: A Fresh Perspective

Telecommuting has been a popular practice for an increasing number of firms and governmental bodies over the past decade or more. This research paper reviews antecedents, implementation considerations, known consequences, barriers, and recommendations that need to be determined prior to the adoption of telecommuting practices. The paper demonstrates that the phenomenon of telecommuting is the result of historical, sociological, and technological shifts and advancements. While firms have successfully implemented various elements of telecommuting practices, challenges along the way have yielded insights and lessons that merit further examination and discussion. This paper asserts that with selected individuals, proper structure, and sufficient feedback mechanisms in place, the adoption of telecommuting has the capacity to strengthen a firm’s bottom line and provide tangible benefit for its employees. As a case in point, online learning, developed in parallel with the growth of telecommuting, yields substantial benefits for employees and the companies in which they serve. For employees, online learning is convenient, accommodates multiple learning styles, and is an engaging learning mechanism. For corporations, online learning encourages cost-effectiveness, uniformity in quality and flexibility, and enhanced cross-cultural and cross-disciplinary communications, all necessary to meet the challenges of the ever-changing global marketplace.telecommuting; technology; online learning; social media; innovation; institutional learning; cross-cultural communications.

When the signal is in the noise: Exploiting Diffix's Sticky Noise

Anonymized data is highly valuable to both businesses and researchers. A large body of research has however shown the strong limits of the de-identification release-and-forget model, where data is anonymized and shared. This has led to the development of privacy-preserving query-based systems. Based on the idea of "sticky noise", Diffix has been recently proposed as a novel query-based mechanism satisfying alone the EU Article~29 Working Party's definition of anonymization. According to its authors, Diffix adds less noise to answers than solutions based on differential privacy while allowing for an unlimited number of queries. This paper presents a new class of noise-exploitation attacks, exploiting the noise added by the system to infer private information about individuals in the dataset. Our first differential attack uses samples extracted from Diffix in a likelihood ratio test to discriminate between two probability distributions. We show that using this attack against a synthetic best-case dataset allows us to infer private information with 89.4% accuracy using only 5 attributes. Our second cloning attack uses dummy conditions that conditionally strongly affect the output of the query depending on the value of the private attribute. Using this attack on four real-world datasets, we show that we can infer private attributes of at least 93% of the users in the dataset with accuracy between 93.3% and 97.1%, issuing a median of 304 queries per user. We show how to optimize this attack, targeting 55.4% of the users and achieving 91.7% accuracy, using a maximum of only 32 queries per user. Our attacks demonstrate that adding data-dependent noise, as done by Diffix, is not sufficient to prevent inference of private attributes. We furthermore argue that Diffix alone fails to satisfy Art. 29 WP's definition of anonymization. [...

One Size Doesn't Fit All: Measuring Individual Privacy in Aggregate Genomic Data

Even in the aggregate, genomic data can reveal sensitive information about individuals. We present a new model-based measure, PrivMAF, that provides provable privacy guarantees for aggregate data (namely minor allele frequencies) obtained from genomic studies. Unlike many previous measures that have been designed to measure the total privacy lost by all participants in a study, PrivMAF gives an individual privacy measure for each participant in the study, not just an average measure. These individual measures can then be combined to measure the worst case privacy loss in the study. Our measure also allows us to quantify the privacy gains achieved by perturbing the data, either by adding noise or binning. Our findings demonstrate that both perturbation approaches offer significant privacy gains. Moreover, we see that these privacy gains can be achieved while minimizing perturbation (and thus maximizing the utility) relative to stricter notions of privacy, such as differential privacy. We test PrivMAF using genotype data from the Welcome Trust Case Control Consortium, providing a more nuanced understanding of the privacy risks involved in an actual genome-wide association studies. Interestingly, our analysis demonstrates that the privacy implications of releasing MAFs from a study can differ greatly from individual to individual. An implementation of our method is available at http://privmaf.csail.mit.edu.Wellcome Trust (London, England) (Award 076113