750 research outputs found

    Instantaneous Decentralized Poker

    We present efficient protocols for amortized secure multiparty computation with penalties and secure cash distribution, of which poker is a prime example. Our protocols have an initial phase where the parties interact with a cryptocurrency network, which then enables them to interact only among themselves over the course of playing many poker games in which money changes hands. The high efficiency of our protocols is achieved by harnessing the power of stateful contracts. Compared to the limited expressive power of Bitcoin scripts, stateful contracts enable richer forms of interaction between standard secure computation and a cryptocurrency. We formalize the stateful contract model and the security notions that our protocols accomplish, and provide proofs using the simulation paradigm. Moreover, we provide a reference implementation in Ethereum/Solidity for the stateful contracts that our protocols are based on. We also adapt our off-chain cash distribution protocols to the special case of stateful duplex micropayment channels, which are of independent interest. In comparison to Bitcoin-based payment channels, our duplex channel implementation is more efficient and has additional features.

    Catalic: Delegated PSI Cardinality with Applications to Contact Tracing

    Private Set Intersection Cardinality (PSI-CA) allows two parties, each holding a set of items, to learn the size of the intersection of those sets without revealing any additional information. To the best of our knowledge, this work presents the first protocol that allows one of the parties to delegate PSI-CA computation to untrusted servers. At the heart of our delegated PSI-CA protocol is a new oblivious distributed key PRF (Odk-PRF) abstraction, which may be of independent interest. We explore in detail how to use our delegated PSI-CA protocol to perform privacy-preserving contact tracing. It has been estimated that a significant percentage of a given population would need to use a contact tracing app to stop a disease’s spread. Prior privacy-preserving contact tracing systems, however, impose heavy bandwidth or computational demands on client devices. These demands present an economic disincentive to participate for end users who may be billed per MB by their mobile data plan or for users who want to save battery life. We propose Catalic (ContAct TrAcing for LIghtweight Clients), a new contact tracing system that minimizes bandwidth cost and computation workload on client devices. By applying our new delegated PSI-CA protocol, Catalic shifts most of the client-side computation of contact tracing to untrusted servers, and potentially saves each user hundreds of megabytes of mobile data per day while preserving privacy.

    Linear Complexity Private Set Intersection for Secure Two-Party Protocols

    In this paper, we propose a new private set intersection (PSI) protocol with bi-oblivious data transfer that computes the following functionality. One of the parties, $P_1$, inputs a set of items $X$ and a set of data pairs $D_1 = \{ (d_0^j, d_1^j) \}$, and the other party, $P_2$, inputs a set of items $Y$. While $P_1$ outputs nothing, $P_2$ outputs a set of data $D_2 = \{ d_{b_j}^j \mid b_j \in \{0,1\} \}$ dependent on the intersection of $X$ and $Y$. This functionality is generally required when the PSI protocol is used as a part of a larger secure two-party computation such as threshold PSI or any function of the whole intersecting set in general. Pinkas et al. presented a PSI protocol at Eurocrypt 2019 for this type of functionality, which has linear complexity only in communication. While there are PSI protocols with linear computation and communication complexities in the classical PSI setting where the intersection itself is revealed to one party, to the best of our knowledge, there is no PSI protocol that outputs a function of the membership results and satisfies linear complexity in both communication and computation. We present the first PSI protocol that outputs only a function of the membership results with linear communication and computation complexities. While creating the protocol, as a side contribution, we provide a one-time batch oblivious programmable pseudo-random function based on garbled Bloom filters. We also implemented our protocol and provide performance results.

    Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes are expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model, where peers correctly follow the protocol but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a single light-weight scheme which outperforms the others. Using extensive simulation results over real Internet topologies, we demonstrate that our scheme is scalable to very large networks, with up to millions of nodes. The second model we consider is the malicious peers model, where peers can behave arbitrarily, deliberately trying to affect the results of the computation as well as compromising the privacy of other peers. For this model we provide a fourth scheme to defend the execution of the computation against the malicious peers. The proposed scheme has a higher complexity relative to the semi-honest model. Overall, we provide the Peer-to-Peer network designer a set of tools to choose from, based on the desired level of security.
    Comment: Submitted to Peer-to-Peer Networking and Applications Journal (PPNA) 200

    Exploring Coral Calcification by Calcium Carbonate Overgrowth Experiments

    The Scleractinia coral biomineralization process is a representative example of a heterogeneous process of nucleation and growth of biogenic CaCO3 over a mineral phase. Indeed, even if the biomineralization process starts before settlement, the bulk formation of the skeleton takes place only when the larvae attach to a solid substrate, which can be Mg-calcite from coralline algae, and the following growth proceeds on the Mg-calcite surface of the formed baseplate of the planula. Despite this peculiarity and the central role of the Mg-calcite substrate, the in vitro overgrowth of CaCO3 on single crystals of Mg-calcite, or calcite, in the presence of magnesium ions and the soluble organic matrix (SOM) extracted from coral skeletons has not been performed until now. In this study, the SOMs from Stylophora pistillata and Oculina patagonica skeletons were used in a set of overgrowth experiments. The overgrown CaCO3 was characterized by microscopic, diffractometric, and spectroscopic techniques. Our results showed that CaCO3 overgrowth in the presence of S. pistillata or O. patagonica SOM produces different effects. However, there appears to be a minor distinction between samples when magnesium ions are present in solution. Moreover, the Mg-calcite substrate appears to be a favorable substrate for the overgrowth of aragonite, differently from calcite. These observations fit with the observed settling of coral larvae on Mg-calcite-based substrates and with the in vivo observation that in the planula aragonite forms on first-formed Mg-calcite crystals. The overall results of this study highlight the importance of magnesium ions, either in the solution or in the substrate, in defining the shape, morphology, and polymorphism of biodeposited CaCO3. They also suggest a magnesium-dependent biological control on the deposition of coral skeletons.

    Secure Computation of MIPS Machine Code

    Existing systems for secure computation require programmers to express the program to be securely computed as a circuit, or in some domain-specific language that can be compiled to a form suitable for applying known protocols. We propose a new system that can securely execute native MIPS code with no special annotations. Our system has the advantage of allowing programmers to use a language of their choice to express their programs, together with any off-the-shelf compiler to MIPS; it can be used for secure computation of existing “legacy” MIPS code as well. Our system uses oblivious RAM for fetching instructions and performing load/store operations in memory, and garbled universal circuits for the execution of a MIPS ALU in each instruction step. We also explore various optimizations based on an offline analysis of the MIPS code to be executed, in order to minimize the overhead of executing each instruction while still maintaining security.

    A Performance and Resource Consumption Assessment of Secure Multiparty Computation

    In recent years, secure multiparty computation (SMC) advanced from a theoretical technique to a practically applicable technology. Several frameworks were proposed, of which some are still actively developed. We perform a first comprehensive study of performance characteristics of SMC protocols using a promising implementation based on secret sharing, a common and state-of-the-art foundation. Therefore, we analyze its scalability with respect to environmental parameters such as the number of peers, network properties -- namely transmission rate, packet loss, network latency -- and parallelization of computations as parameters, and execution time, CPU cycles, memory consumption and amount of transmitted data as variables. Our insights on the resource consumption show that such a solution is practically applicable in intranet environments and -- with limitations -- in Internet settings.

    PSI from PaXoS: Fast, Malicious Private Set Intersection

    We present a 2-party private set intersection (PSI) protocol which provides security against malicious participants, yet is almost as fast as the fastest known semi-honest PSI protocol of Kolesnikov et al. (CCS 2016). Our protocol is based on a new approach for two-party PSI, which can be instantiated to provide security against either malicious or semi-honest adversaries. The protocol is unique in that the only difference between the semi-honest and malicious versions is an instantiation with different parameters for a linear error-correction code. It is also the first PSI protocol which is concretely efficient while having linear communication and security against malicious adversaries, while running in the OT-hybrid model (assuming a non-programmable random oracle). State-of-the-art semi-honest PSI protocols take advantage of cuckoo hashing, but it has proven a challenge to use cuckoo hashing for malicious security. Our protocol is the first to use cuckoo hashing for malicious-secure PSI. We do so via a new data structure, called a probe-and-XOR of strings (PaXoS), which may be of independent interest. This abstraction captures important properties of previous data structures, most notably garbled Bloom filters. While an encoding by a garbled Bloom filter is larger by a factor of $O(\lambda)$ than the original data, we describe a significantly improved PaXoS based on cuckoo hashing that achieves constant rate while being no worse in other relevant efficiency measures.

    A One-Time Server-Specific Password Authentication Scheme

    Over the years, Password-based Authentication (PA) techniques have been the widely used security mechanism that serves as a first level of defence against unauthorised access. However, it is paramount that existing PA techniques be improved upon in order to adequately protect computer systems and networks from password attacks. This work presents a One-Time Server-Specific Password Authentication Scheme (OTSSPAS) for preventing password-related attacks. In this work, two protocols known as the Password Joggling Protocol (PJP) and the Account Management Protocol (AMP) were developed and integrated with OTSSPAS. PJP involves the use of a Password Security Key (PSK) in order to dissuade adversaries from tapping the password. AMP provides an enhanced account management system by considering previous key activities of users in making account-locking decisions. OTSSPAS adopts the MD5 standard hashing technique for protection of passwords before transmission and storage. Microsoft Visual C# and ASP.Net programming languages were used to implement the design. The evaluation result truly shows that the scheme can prevent common password-related attacks.

    A novel accessory muscle in the flexor compartment of anterior forearm inserting into the tenosynovium of the flexor pollicis longus

    A common variant of accessory muscles in the anterior forearm is the Gantzer’s muscle (GM). GM arises as a muscle belly from the flexor digitorum superficialis (FDS) or the ulnar coronoid process to merge distally with the flexor pollicis longus (FPL) muscle. In the present case report, we describe a novel accessory muscle in the flexor compartment of the forearm. The proximal attachment was tendinous and came from three sources: the FDS muscle, the ulnar coronoid process, and the medial aspect of the proximal radius. The distal tendon of the novel accessory muscle ran parallel to the FPL, passed through the carpal tunnel, and entered the palmar aspect of the hand. In the hand, the tendon thinned out and blended with the tenosynovium of the FPL, contributing to the sheath around the FPL tendon. This accessory muscle of the FPL is comparable to the frequently documented Gantzer muscle (GM); however, the present case exhibited fundamental nuances that distinguish it from the previously described iterations of the GM in the following ways: 1) The novel accessory muscle is tendinous from its proximal origin and throughout the upper one-third of the forearm, and one component of its origin arose from the medial aspect of the radius. Gantzer muscles with an origin on the radius have not been previously reported. 2) In the middle one-third, the tendinous proximal attachment transitioned to a muscle belly that passed through the carpal tunnel and entered the hand. 3) In the hand, the novel tendon widened, thinned, and merged with the tenosynovium of the FPL. Accessory muscles are a common finding in the anterior forearm during cadaveric dissection. In patients, they can be the cause of neuropathies due to compression of the anterior interosseous nerve. Awareness of variations is also important for clinicians who examine the forearm and hand, as well as hand surgeons.