Practical and Provably Secure Onion Routing

In an onion routing protocol, messages travel through several intermediaries before arriving at their destinations; they are wrapped in layers of encryption (hence they are called "onions"). The goal is to make it hard to establish who sent the message. It is a practical and widespread tool for creating anonymous channels. For the standard adversary models - passive and active - we present practical and provably secure onion routing protocols. Akin to Tor, in our protocols each party independently chooses the routing paths for his onions. For security parameter lambda, our differentially private solution for the active adversary takes O(log^2 lambda) rounds and requires every participant to transmit O(log^{4} lambda) onions in every round

On the Complexity of Anonymous Communication Through Public Networks

Onion routing is the most widely used approach to anonymous communication online. The idea is that Alice wraps her message to Bob in layers of encryption to form an "onion," and routes it through a series of intermediaries. Each intermediary's job is to decrypt ("peel") the onion it receives to obtain instructions for where to send it next, and what to send. The intuition is that, by the time it gets to Bob, the onion will have mixed with so many other onions, that its origin will be hard to trace even for an adversary that observes the entire network and controls a fraction of the participants, possibly including Bob. In spite of its widespread use in practice, until now no onion routing protocol was known that simultaneously achieved, in the presence of an active adversary that observes all network traffic and controls a constant fraction of the participants, (a) fault-tolerance, where even if a few of the onions are dropped, the protocol still delivers the rest; (b) reasonable communication and computational complexity as a function of the security parameter and the number of participants; and (c) anonymity. In this paper, we give the first onion routing protocol that meets these goals: our protocol (a) tolerates a polylogarithmic (in the security parameter) number of dropped onions and still delivers the rest; (b) requires a polylogarithmic number of rounds and a polylogarithmic number of onions sent per participant per round; and (c) achieves anonymity. We also show that to achieve anonymity in a fault-tolerant fashion via onion routing, this number of onions and rounds is necessary. Of independent interest, our analysis introduces two new security properties of onion routing -- mixing and equalizing -- and we show that together they imply anonymity

Issues in securitization of real estate under the Japanese economy in transition

Thesis (M.C.P.)--Massachusetts Institute of Technology, Dept. of Urban Studies and Planning, 1999.Includes bibliographical references (leaves 84-86).Since the end of the Bubble Economy of 1992, Japan has been suffering from the severest and the longest lasting recession it has experienced in the 50 years following the World War II. In this thesis, the true implications of real estate securitization and its potential contribution to the recovery of the Japanese economy are examined. Repairing real estate market is one of the keys to reversing the economic downtrend. The results show that real estate securitization will contribute significantly to the effort to save the Japanese economy. However, it is important to reform the practices, systems, and infrastructure of the real estate market to carry out successful securitization. The major positive implications of real estate securitization include diversification of financing and investment opportunities, the reduction of liquidity risk of real estate, the expansion of the real estate market by increasing the numbers of transactions, promotion of direct financing rather than indirect, use of widened techniques for managing Japanese individual assets, the identification of new business opportunities, and finally, by promotion of reform of a land evaluation method to meet a global standard.by Megumi Ando.M.C.P

Cryptographic Shallots: A Formal Treatment of Repliable Onion Encryption

Onion routing is a popular, efficient and scalable method for enabling anonymous communications. To send a message m to Bob via onion routing, Alice picks several intermediaries, wraps m in multiple layers of encryption — one per intermediary — and sends the resulting “onion” to the first intermediary. Each intermediary “peels” a layer of encryption and learns the identity of the next entity on the path and what to send along; finally Bob learns that he is the recipient, and recovers the message m. Despite its wide use in the real world (e.g., Tor, Mixminion), the foundations of onion routing have not been thoroughly studied. In particular, although two-way communication is needed in most instances, such as anonymous Web browsing, or anonymous access to a resource, until now no definitions or provably secure constructions have been given for two-way onion routing. In this paper, we propose an ideal functionality for a repliable onion encryption scheme and provide a construction that UC-realizes it

Poly Onions: Achieving Anonymity in the Presence of Churn

Onion routing is a popular approach towards anonymous communication. Practical implementations are widely used (for example, Tor has millions of users daily), but are vulnerable to various traffic correlation attacks, and the theoretical foundations, despite recent progress, still lag behind. In particular, all works that model onion routing protocols and prove their security only address a single run, where each party sends and receives a single message of fixed length, once. Moreover, they all assume a static network setting, where the parties are stable throughout the lifetime of the protocol. In contrast, real networks have a high rate of churn (nodes joining and exiting the network), real users want to send multiple messages, and realistic adversaries may observe multiple runs of the protocol. In this paper, we initiate a formal treatment of onion routing in a setting with multiple runs over a dynamic network with churn. We provide the following contributions. -We define the cryptographic primitive of poly onion encryption, which is appropriate for a setting with churn. This primitive is inspired by duo onions, introduced by Iwanik, Klonowski, and Kutylowski (Communications and Multimedia Security, 2005) towards improving onion delivery rate. We generalize the idea, change it to add auxiliary helpers towards supporting better security, and propose formal definitions. -We construct an instantiation of poly onion encryption based on standard cryptographic primitives (CCA secure public key encryption with tags, PRP, MAC, and secret sharing). Our construction is secure against an active adversary, and is parameterized to allow flexible instantiations supporting a range of corruption thresholds and churn limits. -We formally model anonymous onion routing for multiple runs in the setting with churn, including a definition of strong anonymity, where the adversary has CCA-like access to oracles for generating and processing onions. -We prove that if an onion routing protocol satisfies a natural condition we define ( simulatability ), then strong single-run anonymity implies strong multiple-run anonymity. This condition is satisfied by existing onion routing schemes, such as the $\Pi_p$ protocol of Ando, Lysyanskaya, and Upfal (ICALP 2018). As a consequence, these schemes are anonymous also for multiple runs (although not when there is churn). -We provide an anonymous routing protocol, Poly $\Pi_p$, and prove that it is anonymous in the setting with churn, against a passive adversary. We obtain this construction by using an instance of our poly onion encryption within the $\Pi_p$ protocol

The use of a logistic map for key generation

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2010.Cataloged from PDF version of thesis.Includes bibliographical references (p. 63-64).A key generation scheme is proposed and its performance analyzed. The method, the logistic map scheme (LMS), is applicable for use on wireless networks because it does not require devices to engage in computationally intensive algorithms. In addition, the method is shown to achieve reliability from the perspective of the communication agents, as well as unpredictability and randomness from the perspective of an eavesdropper. Lastly, the performance of the LMS is compared against that of an existing technique. Results from a comparative analysis indicate that the proposed method generally yields a greater number of reliable, unpredictable, and random key bits than the existing technique under the same conditions.by Megumi Ando.M.Eng

Insulin regulates Presenilin 1 localization via PI3K/Akt signaling.

Recently, insulin signaling has been highlighted in the pathology of Alzheimer's disease (AD). Although the association between insulin signaling and Tau pathology has been investigated in several studies, the interaction between insulin signaling and Presenilin 1 (PS1), a key molecule of amyloid beta (Abeta) pathology, has not been elucidated so far. In this study, we demonstrated that insulin inhibited PS1 phosphorylation at serine residues (serine 353, 357) via phosphatidylinositol 3-kinase (PI3K)/Akt signal pathway and strengthened the trimeric complex of PS1/N-cadherin/beta-catenin, consequently relocalizing PS1 to the cell surface. Since our recent report suggests that PS1/N-cadherin/beta-catenin complex regulates Abeta production, it is likely that insulin signaling affects Abeta pathology by regulating PS1 localization

Histopathology of cryptococcosis and other fungal infections in patients with acquired immunodeficiency syndrome

AbstractObjective: To gain insight into the histopathologic characteristics of fungal infection in acquired immunodeficiency syndrome (AIDS).Methods: A review was conducted of the histopathology for 162 patients with evident fungal infection.Results: The microscopic appearance of esophageal candidiasis that was common in patients with single organ involvement revealed necrotic debris containing proliferating hyphae at the site of mucosal erosions without fungal invasion of underlying tissue. The incidence of oral and esophageal candidiasis was followed by that of pulmonary aspergillosis and Candida infection. Eighteen patients had generalized cryptococcosis, representing the commonest generalized fungal disease. The essential histologic features of the disease consisted of yeast cell proliferation with a histiocytic response, but only minor lymphocytic and neutrophilic components. This was different from the manifestations of both Candida and Aspergillus infections. The two histologic patterns recognized in the pulmonary cryptococcal lesions could be graded with respect to the degree and type of inflammatory reaction. The milder one consisted of small scattered foci of intra-alveolar cryptococcal proliferation with a histiocytic response. Another pattern involved massive cryptococcal infection, which might be simply more extensive than that in the former. Capillary involvement of alveolar septa was an important common finding in all 18 patients.Conclusions: The absence of T cells and decreasing function of antigen-presenting activity in histiocytes were confirmed by immunohistologic examination. These findings suggest that the lungs in AIDS patients provide little resistance to blood stream dissemination by cryptococci

Coil volume embolization ratio for preventing recanalization after portal vein embolization

PURPOSEThe purpose of this study was to evaluate the optimum volume embolization ratio (VER) for the prevention of recanalization after portal vein embolization (PVE) and the influence of recanalization on future liver remnant (FLR) function using technetium-99m galactosyl human serum albumin single-photon emission computed tomography (99mTc-GSA SPECT/CT) fusion imaging.METHODSWe analyzed procedural data of 18 patients who underwent PVE from 2015 to 2018. A total of 29 portal branches were embolized (12 anterior branch, 11 posterior branch, 4 left branch, 2 right branch) with absolute ethanol and coils. Portal vein recanalization was evaluated three weeks after PVE by contrast-enhanced CT. We classified the treated portal branches as non-recanalized and recanalized. VER was compared between the groups. In addition, for each patient, we calculated and evaluated the ratio of FLR volume to total liver volume (volumetric %FLR), FLR count to total liver count on 99mTc-GSA SPECT/CT fusion imaging (functional %FLR), and functional-volumetric ratio (functional %FLR/ volumetric %FLR).RESULTSTwenty-six portal branches showed no recanalization (non-recanalized group, n=26, 89.7%), while three portal branches showed recanalization (recanalized group, n=3, 10.3%). The median VER was 4.94% (3.12%–11.1%) in the non-recanalized group and 3.49% (2.76%–4.32%) in the recanalized group, which was significantly different between the groups (p = 0.045, Mann-Whitney U test). The median functional-volumetric ratio was 1.16 (1.03–1.50) in non-recanalized patients (n=15, 83.3%) and 1.01 (0.96–1.13) in recanalized patients (n=3, 16.7%), and it was significantly higher in the non-recanalized patients (p = 0.021, Mann-Whitney U test).CONCLUSIONThe VER for preventing recanalization after PVE was approximately 5% (> 4.94%). 99mTc-GSA SPECT/CT fusion imaging revealed a decrease in FLR function due to recanalization after PVE