7,215 research outputs found
On Non-Parallelizable Deterministic Client Puzzle Scheme with Batch Verification Modes
A (computational) client puzzle scheme enables a client to prove to a server that a certain amount of computing resources (CPU cycles and/or Memory look-ups) has been dedicated to solve a puzzle. Researchers have identified a number of potential applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from DoS attacks. In this paper, we first revisit this concept and formally define two properties, namely deterministic computation and parallel computation resistance. Our analysis show that both properties are crucial for the effectiveness of client puzzle schemes in most application scenarios. We prove that the RSW client puzzle scheme, which is based on the repeated squaring technique, achieves both properties. Secondly, we introduce two batch verification modes for the RSW client puzzle scheme in order to improve the verification efficiency of the server, and investigate three methods for handling errors in batch verifications. Lastly, we show that client puzzle schemes can be integrated with reputation systems to further improve the effectiveness in practice
Differential DNA accessibility to polymerase enables 30-minute phenotypic β-lactam antibiotic susceptibility testing of carbapenem-resistant Enterobacteriaceae
The rise in carbapenem-resistant Enterobacteriaceae (CRE) infections has created a global health emergency, underlining the critical need to develop faster diagnostics to treat swiftly and correctly. Although rapid pathogen-identification (ID) tests are being developed, gold-standard antibiotic susceptibility testing (AST) remains unacceptably slow (1–2 d), and innovative approaches for rapid phenotypic ASTs for CREs are urgently needed. Motivated by this need, in this manuscript we tested the hypothesis that upon treatment with β-lactam antibiotics, susceptible Enterobacteriaceae isolates would become sufficiently permeabilized, making some of their DNA accessible to added polymerase and primers. Further, we hypothesized that this accessible DNA would be detectable directly by isothermal amplification methods that do not fully lyse bacterial cells. We build on these results to develop the polymerase-accessibility AST (pol-aAST), a new phenotypic approach for β-lactams, the major antibiotic class for gram-negative infections. We test isolates of the 3 causative pathogens of CRE infections using ceftriaxone (CRO), ertapenem (ETP), and meropenem (MEM) and demonstrate agreement with gold-standard AST. Importantly, pol-aAST correctly categorized resistant isolates that are undetectable by current genotypic methods (negative for β-lactamase genes or lacking predictive genotypes). We also test contrived and clinical urine samples. We show that the pol-aAST can be performed in 30 min sample-to-answer using contrived urine samples and has the potential to be performed directly on clinical urine specimens
KeyForge: Mitigating Email Breaches with Forward-Forgeable Signatures
Email breaches are commonplace, and they expose a wealth of personal,
business, and political data that may have devastating consequences. The
current email system allows any attacker who gains access to your email to
prove the authenticity of the stolen messages to third parties -- a property
arising from a necessary anti-spam / anti-spoofing protocol called DKIM. This
exacerbates the problem of email breaches by greatly increasing the potential
for attackers to damage the users' reputation, blackmail them, or sell the
stolen information to third parties.
In this paper, we introduce "non-attributable email", which guarantees that a
wide class of adversaries are unable to convince any third party of the
authenticity of stolen emails. We formally define non-attributability, and
present two practical system proposals -- KeyForge and TimeForge -- that
provably achieve non-attributability while maintaining the important protection
against spam and spoofing that is currently provided by DKIM. Moreover, we
implement KeyForge and demonstrate that that scheme is practical, achieving
competitive verification and signing speed while also requiring 42% less
bandwidth per email than RSA2048
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
Centrally Banked Cryptocurrencies
Current cryptocurrencies, starting with Bitcoin, build a decentralized
blockchain-based transaction ledger, maintained through proofs-of-work that
also generate a monetary supply. Such decentralization has benefits, such as
independence from national political control, but also significant limitations
in terms of scalability and computational cost. We introduce RSCoin, a
cryptocurrency framework in which central banks maintain complete control over
the monetary supply, but rely on a distributed set of authorities, or
mintettes, to prevent double-spending. While monetary policy is centralized,
RSCoin still provides strong transparency and auditability guarantees. We
demonstrate, both theoretically and experimentally, the benefits of a modest
degree of centralization, such as the elimination of wasteful hashing and a
scalable system for avoiding double-spending attacks.Comment: 15 pages, 4 figures, 2 tables in Proceedings of NDSS 201
- …