What Information is Leaked under Concurrent Composition?

Achieving security under concurrent composition is notoriously hard. Indeed, in the plain model, far reaching impossibility results for concurrently secure computation are known. On the other hand, some positive results have also been obtained according to various weaker notions of security (such as by using a super-polynomial time simulator). This suggest that somehow, ``not all is lost in the concurrent setting. In this work, we ask what and exactly how much private information can the adversary learn by launching a concurrent attack? ``Can he learn all the private inputs in all the sessions? Or, can we preserve the security of some (or even most) of the sessions fully while compromising (a small fraction of) other sessions? Or is it the case that the security of all (or most) sessions is (at least partially) compromised? If so, can we restrict him to learn an arbitrarily small fraction of input in each session? We believe the above questions to be fundamental to the understanding of concurrent composition. Indeed, despite a large body of work on the study of concurrent composition, in our opinion, the understanding of what exactly is it that goes wrong in the concurrent setting and to what extent is currently quite unsatisfactory. Towards that end, we adopt the knowledge-complexity based approach of Goldreich and Petrank [STOC\u2791] to quantify information leakage in concurrently secure computation. We consider a model where the ideal world adversary (a.k.a simulator) is allowed to query the trusted party for some ``leakage\u27\u27 on the honest party inputs. We obtain both positive and negative results, depending upon the nature of the leakage queries available to the simulator. Informally speaking, our results imply the following: in the concurrent setting, ``significant loss of security (translating to high leakage in the ideal world) in some of the sessions is unavoidable if one wishes to obtain a general result. However on the brighter side, one can make the fraction of such sessions to be an arbitrarily small polynomial (while fully preserving the security in all other sessions). Our results also have an implication on secure computation in the bounded concurrent setting [Barak-FOCS\u2701]: we show there exist protocols which are secure as per the standard ideal/real world notion in the bounded concurrent setting. However if the actual number of sessions happen to exceed the bound, there is a graceful degradation of security as the number of sessions increase. (In contrast, prior results do not provide any security once the bound is exceeded.) In order to obtain our positive result, we model concurrent extraction as the classical set-covering problem and develop, as our main technical contribution, a new sparse rewinding strategy. Specifically, unlike previous rewinding strategies which are very ``dense\u27\u27, we rewind ``small intervals\u27\u27 of the execution transcript and still guarantee extraction. This yields other applications as well, including improved constructions of precise concurrent zero-knowledge [Pandey et al.-Eurocrypt\u2708] and concurrently secure computation in the multiple ideal query model [Goyal et al.-Crypto\u2710]. In order to obtain our negative results, interestingly, we employ techniques from the regime of leakage-resilient cryptography [Dziembowski-Pietrzak-FOCS\u2708]

Name-passing calculi and crypto-primitives: A survey

The paper surveys the literature on high-level name-passing process calculi, and their extensions with cryptographic primitives. The survey is by no means exhaustive, for essentially two reasons. First, in trying to provide a coherent presentation of different ideas and techniques, one inevitably ends up leaving out the approaches that do not fit the intended roadmap. Secondly, the literature on the subject has been growing at very high rate over the years. As a consequence, we decided to concentrate on few papers that introduce the main ideas, in the hope that discussing them in some detail will provide sufficient insight for further reading

Quantification of information flow in cyber physical systems

In Cyber Physical Systems (CPSs), traditional security mechanisms such as cryptography and access control are not enough to ensure the security of the system since complex interactions between the cyber portion and physical portion happen frequently. In particular, the physical infrastructure is inherently observable; aggregated physical observations can lead to unintended cyber information leakage. Information flow analysis, which aims to control the way information flows among different entities, is better suited for CPSs than the access control security mechanism. However, quantifying information leakage in CPSs can be challenging due to the flow of implicit information between the cyber portion, the physical portion, and the outside world. Within algorithmic theory, the online problem considers inputs that arrive one by one and deals with extracting the algorithmic solution through an advice tape without knowing some parts of the input. This dissertation focuses on statistical methods to quantify information leakage in CPSs due to algorithmic leakages, especially CPSs that allocate constrained resources. The proposed framework is based on the advice tape concept of algorithmically quantifying information leakage and statistical analysis. With aggregated physical observations, the amount of information leakage of the constrained resource due to the cyber algorithm can be quantified through the proposed algorithms. An electric smart grid has been used as an example to develop confidence intervals of information leakage within a real CPS. The characteristic of the physical system, which is represented as an invariant, is also considered and influences the information quantification results. The impact of this work is that it allows the user to express an observer\u27s uncertainty about a secret as a function of the revealed part. Thus, it can be used as an algorithmic design in a CPS to allocate resources while maximizing the uncertainty of the information flow to an observer --Abstract, page iii

Temperature and Pressure Effects on Hydrogen Permeation in Palladium Based Membranes

Palladium based membranes offer a promising method for extracting hydrogen from multi-component synthetic gas (syngas) mixtures. Thin palladium and palladium alloy membranes supported on porous media combine both enhanced strength and durability with increased permeation. The syngas produced from waste and biomass contains several gases of different concentrations. The availability of clean hydrogen from syngas is novel since the hydrogen storage and transportation are amongst the major issues for the utilization of hydrogen. A lab scale experimental facility has been designed and built that allows one to examine different types of membranes for efficient and effective separation of hydrogen from syngas. Experimental results have been obtained from this facility using palladium membranes. The results show hydrogen permeation increased with both temperature and pressure, with the greatest increase occurring with rising temperature. Determination of the pressure exponent revealed that the reaction was limited by both the surface reaction and diffusion process

Role of microstructure in the exploitation of self-healing potential in form-stable composite phase change materials based on immiscible alloys

Metallic Phase Change Materials (PCMs), based on solid-liquid transitions, represents one of the most promising technologies for efficient Thermal Energy Storage (TES), due to their superior thermal conductivity and energy storability per unit volume, but suffer of limited solutions for their handling at the molten state. The use of Miscibility Gap Alloys (MGAs) allows to manage PCM volume expansion and keep it confined when molten, preventing interaction with the environment. A relevant example is provided by the Al-Sn system, where Al covers the role of the high-temperature stable and highly thermal-conductive passive matrix and Sn the active PCM. The alloy can thus be considered a Composite PCM (C-PCM). The response fastness of these systems depends on their thermal diffusivity, subjected to abrupt variations under the presence of discontinuities and damages. In this sense, the authors investigated the possibility to employ molten Sn mobility in a potentially damaged C-PCM for self-healing purposes, aimed to restore, at least partially, the material continuity and thus its thermal diffusivity. Exudation heat treatments above the melting temperature of Sn were performed on sets of Al-40%wt. Sn metallic composites, produced either with powder metallurgy or liquid metal routes, in order to quantify and assess the mobility of the Sn under simulated operating conditions. Exudation tests assess Simple Mixed powders and liquid metal routes sample as the ones with the highest healing potential. Al dissolution and re-deposition was established by EDS analyses as one of the principal Sn mobility mechanisms. Laser Flash Analysis tests, as well as microstructural investigations, were performed on the samples before and after both healing-focused and simulated service heat treatments to evaluate the changes of thermal diffusivity. Healing-focused treatment at 250°C for 1 hour generally displayed a moderate thermal diffusivity recovery and simulated service by shorter cycles between 170°C and 270°C slightly reduce it. The beneficial role of healing focused heat treatments at 250°C for 1 hour suggests that the presence of fully molten Sn phase during service for relatively long time could be beneficial for functional healing. The requirements of suitable Al-Sn microstructures for self-healing purposes, granting at the same time the C-PCM functionalities, i.e., thermal energy storage and form-stability, were set

Security invariants in discrete transition systems

The Shadow semantics is a qualitative model for noninterference security for sequential programs. In this paper, we first extend the Shadow semantics to Event-B, to reason about discrete transition systems with noninterference security properties. In particular, we investigate how these security properties can be specified and proved as machine invariants. Next we highlight the role of security invariants during refinement and identify some common patterns in specifying them. Finally, we propose a practical extension to the supporting Rodin platform of Event-B, with the possibility of having some properties to be invariants-by-constructio

"All The Things We Could [Se]e by Now [Concerning Violence & Boko Haram], If Sigmund Freud's Wife was Your Mother": Psychoanalysis, Race, & International Political Theory

In response to the sonic media and ludicrosity of her time, Hortense J. Spillers' paradigmatic essay ""All the Things You Could Be by Now, If Sigmund Freud's Wife Was Your Mother": Psychoanalysis and Race," transfigures Charles Mingus' melodic, cryptic, and most puzzling record title into a workable theoretical cacophony. Closely written within the contexts and outside the confines of "some vaguely defined territory between well established republics," Spillers is able to open up the sarcophagus of meaning(s) within the Black occupation of the psychoanalytic discourse. Mingus' original assertion, "all the things you could be by now, if Sigmund Freud's wife was your mother," means absolutely nothing insofar as it means everything in the face of constructed openings and invitations into "extending the realm of possibility for what might be known." As such, this article asks a similar question relating to what might be known about the sensual convergence of media, violence, and representation ('all the things we could see by now') of international, political, and theoretical significance. If anything, Spillers and Mingus compel us toward locating some semblance of forgotten relationality between what appears to be abstract, distant, and unfamiliar. Given our contemporary era of violent post-colonial terror and desires for alternatives to the afterlife of slavery, this article endorses the free-floating investigation into the live survey of unprotected human flesh in the specific case of Boko Haram's explosion in modern media. Is it possible that such a study is able to uncover the motive behind the assembly of spectatorship? Through a Freudian reading of human nature into international political theory, this article indicates that narrative formation and transmission is an essential component to the development of both ethno-universalisms and global constructions of race and captivity