Infinite Secret Sharing -- Examples
The motivation for extending secret sharing schemes to cases when either the
set of players is infinite or the domain from which the secret and/or the
shares are drawn is infinite or both, is similar to the case when switching to
abstract probability spaces from classical combinatorial probability. It might
shed new light on old problems, could connect seemingly unrelated problems, and
unify diverse phenomena.
Definitions equivalent in the finitary case could be very much different when
switching to infinity, signifying their difference. The standard requirement
that qualified subsets should be able to determine the secret has different
interpretations in spite of the fact that, by assumption, all participants have
infinite computing power. The requirement that unqualified subsets should have
no, or only limited, information about the secret suggests that we also need some
probability distribution. In the infinite case events with zero probability are
not necessarily impossible, and we should decide whether bad events with zero
probability are allowed or not.
In this paper, rather than giving precise definitions, we present an abundance
of hopefully interesting infinite secret sharing schemes. These schemes touch
quite diverse areas of mathematics such as projective geometry, stochastic
processes and Hilbert spaces. Nevertheless our main tools are from probability
theory. The examples discussed here serve as foundation and illustration to the
more theory-oriented companion paper.
Probabilistic Infinite Secret Sharing
The study of probabilistic secret sharing schemes using arbitrary probability
spaces and a possibly infinite number of participants lets us investigate
abstract properties of such schemes. It highlights important properties,
explains why certain definitions work better than others, connects this topic
to other branches of mathematics, and might yield new design paradigms.
A probabilistic secret sharing scheme is a joint probability distribution of
the shares and the secret together with a collection of secret recovery
functions for qualified subsets. The scheme is measurable if the recovery
functions are measurable. Depending on how much information an unqualified
subset might have, we define four scheme types: perfect, almost perfect, ramp,
and almost ramp. Our main results characterize the access structures which can
be realized by schemes of these types.
We show that every access structure can be realized by a non-measurable
perfect probabilistic scheme. The construction is based on a paradoxical pair
of independent random variables which determine each other.
For measurable schemes we have the following complete characterization. An
access structure can be realized by a (measurable) perfect, or almost perfect
scheme if and only if the access structure, as a subset of the Sierpiński
space, is open, if and only if it can be realized by a span
program. The access structure can be realized by a (measurable) ramp or almost
ramp scheme if and only if the access structure is a set
(intersection of countably many open sets) in the Sierpiński topology, if and
only if it can be realized by a Hilbert-space program.
Demonstrating Continuous Variable EPR Steering in spite of Finite Experimental Capabilities using Fano Steering Bounds
We show how one can demonstrate continuous-variable Einstein-Podolsky-Rosen
(EPR) steering without needing to characterize entire measurement probability
distributions. To do this, we develop a modified Fano inequality useful for
discrete measurements of continuous variables, and use it to bound the
conditional uncertainties in continuous-variable entropic EPR-steering
inequalities. With these bounds, we show how one can hedge against experimental
limitations including a finite detector size, dead space between pixels, and
any such factors that impose an incomplete sampling of the true measurement
probability distribution. Furthermore, we use experimental data from the
position and momentum statistics of entangled photon pairs in parametric
downconversion to show that this method is sufficiently sensitive for practical
use. Comment: 7 pages, 2 figure
An Expressive Model for the Web Infrastructure: Definition and Application to the BrowserID SSO System
The web constitutes a complex infrastructure and as demonstrated by numerous
attacks, rigorous analysis of standards and web applications is indispensable.
Inspired by successful prior work, in particular the work by Akhawe et al. as
well as Bansal et al., in this work we propose a formal model for the web
infrastructure. While unlike prior works, which aim at automatic analysis, our
model so far is not directly amenable to automation, it is much more
comprehensive and accurate with respect to the standards and specifications. As
such, it can serve as a solid basis for the analysis of a broad range of
standards and applications.
As a case study and another important contribution of our work, we use our
model to carry out the first rigorous analysis of the BrowserID system (a.k.a.
Mozilla Persona), a recently developed complex real-world single sign-on system
that employs technologies such as AJAX, cross-document messaging, and HTML5 web
storage. Our analysis revealed a number of very critical flaws that could not
have been captured in prior models. We propose fixes for the flaws, formally
state relevant security properties, and prove that the fixed system in a
setting with a so-called secondary identity provider satisfies these security
properties in our model. The fixes for the most critical flaws have already
been adopted by Mozilla and our findings have been rewarded by the Mozilla
Security Bug Bounty Program. Comment: An abridged version appears in S&P 201
Complexity and Unwinding for Intransitive Noninterference
The paper considers several definitions of information flow security for
intransitive policies from the point of view of the complexity of verifying
whether a finite-state system is secure. The results are as follows. Checking
(i) P-security (Goguen and Meseguer), (ii) IP-security (Haigh and Young), and
(iii) TA-security (van der Meyden) are all in PTIME, while checking TO-security
(van der Meyden) is undecidable, as is checking ITO-security (van der Meyden).
The most important ingredients in the proofs of the PTIME upper bounds are new
characterizations of the respective security notions, which also lead to new
unwinding proof techniques that are shown to be sound and complete for these
notions of security, and enable the algorithms to return simple
counter-examples demonstrating insecurity. Our results for IP-security improve
a previous doubly exponential bound of Hadj-Alouane et al.
Quantum Security for the Physical Layer
The physical layer describes how communication signals are encoded and
transmitted across a channel. Physical security often requires either
restricting access to the channel or performing periodic manual inspections. In
this tutorial, we describe how the field of quantum communication offers new
techniques for securing the physical layer. We describe the use of quantum
seals as a unique way to test the integrity and authenticity of a communication
channel and to provide security for the physical layer. We present the
theoretical and physical underpinnings of quantum seals including the quantum
optical encoding used at the transmitter and the test for non-locality used at
the receiver. We describe how the envisioned quantum physical sublayer senses
tampering and how coordination with higher protocol layers allows quantum seals
to influence secure routing or tailor data management methods. We conclude by
discussing challenges in the development of quantum seals, the overlap with
existing quantum key distribution cryptographic services, and the relevance of
a quantum physical sublayer to the future of communication security. Comment: 7 pages, 6 figure