
    Account Management in Proof of Stake Ledgers

    Blockchain protocols based on Proof-of-Stake (PoS) depend — by nature — on the active participation of stakeholders. If users are offline and abstain from the PoS consensus mechanism, the system’s security is at risk, so it is imperative to explore ways to both maximize the level of participation and minimize the effects of non-participation. One such option is stake representation, such that users can delegate their participation rights and, in the process, form stake pools. The core idea is that stake pool operators always participate on behalf of regular users, while the users retain the ownership of their assets. Our work provides a formal PoS wallet construction that enables delegation and stake pool formation. While investigating the construction of addresses in this setting, we distil and explore address malleability, a security property that captures the ability of an attacker to manipulate the delegation information associated with an address. Our analysis consists of identifying multiple levels of malleability, which are taken into account in our paper’s core result. We then introduce the first ideal functionality of a PoS wallet’s core, which captures the PoS wallet’s capabilities and is realized as a secure protocol based on standard cryptographic primitives. Finally, we cover how to use the wallet core in conjunction with a PoS ledger, as well as investigate how delegation and stake pools affect a PoS system’s security.

    Anonymity and Rewards in Peer Rating Systems

    When peers rate each other, they may choose to rate inaccurately in order to boost their own reputation or unfairly lower another’s. This could be successfully mitigated by having a reputation server incentivise accurate ratings with a reward. However, assigning rewards becomes a challenge when ratings are anonymous, since the reputation server cannot tell which peers to reward for rating accurately. To address this, we propose an anonymous peer rating system in which users can be rewarded for accurate ratings, and we formally define its model and security requirements. In our system ratings are rewarded in batches, so that users claiming their rewards only reveal that they authored one rating in this batch. To ensure the anonymity set of rewarded users is not reduced, we also split the reputation server into two entities: the Rewarder, who knows which ratings are rewarded, and the Reputation Holder, who knows which users were rewarded. We give a provably secure construction satisfying all the security properties required. For our construction we use a modification of a Direct Anonymous Attestation scheme to ensure that peers can prove their own reputation when rating others, and that multiple feedback on the same subject can be detected. We then use Linkable Ring Signatures to enable peers to be rewarded for their accurate ratings, while still ensuring that ratings are anonymous. Our work results in a system which allows accurate ratings to be rewarded, whilst still providing anonymity of ratings with respect to the central entities managing the system.

    Forward Secrecy of SPAKE2

    Currently, the Simple Password-Based Encrypted Key Exchange (SPAKE2) protocol of Abdalla and Pointcheval (CT-RSA 2005) is being considered by the IETF for standardization and integration in TLS 1.3. Although it has been proven secure in the Find-then-Guess model of Bellare, Pointcheval and Rogaway (EUROCRYPT 2000), whether it satisfies some notion of forward secrecy remains an open question. In this work, we prove that the SPAKE2 protocol satisfies the so-called weak forward secrecy introduced by Krawczyk (CRYPTO 2005). Furthermore, we demonstrate that the incorporation of key-confirmation codes in SPAKE2 results in a protocol that provably satisfies the stronger notion of perfect forward secrecy. As forward secrecy is an explicit requirement for cipher suites supported in the TLS handshake, we believe this work could fill the gap in the literature and facilitate the adoption of SPAKE2 in the recently approved TLS 1.3.

    ATP-Dependent Unwinding of U4/U6 snRNAs by the Brr2 Helicase Requires the C Terminus of Prp8

    The spliceosome is a highly dynamic machine requiring multiple RNA-dependent ATPases of the DExD/H-box family. A fundamental unanswered question is how their activities are regulated. Brr2 function is necessary for unwinding the U4/U6 duplex, a step essential for catalytic activation of the spliceosome. Here we show that Brr2-dependent dissociation of U4/U6 snRNAs in vitro is activated by a fragment from the C terminus of the U5 snRNP protein Prp8. In contrast to its helicase-stimulating activity, this fragment inhibits Brr2 U4/U6-dependent ATPase activity. Notably, U4/U6 unwinding activity is not stimulated by fragments carrying alleles of prp8 that in humans confer an autosomal dominant form of retinitis pigmentosa. Because Brr2 activity must be restricted to prevent premature catalytic activation, our results have important implications for fidelity maintenance in the spliceosome.

    Quantitative Proteomics Identify Novel miR-155 Target Proteins

    Background: MicroRNAs are 22-nucleotide-long non-coding RNAs that exert their function by either transcriptional or translational inhibition. Although many microRNA profiles in different tissues and disease states have already been discovered, little is known about their target proteins. The microRNA miR-155 is deregulated in many diseases, including cancer, where it might function as an oncoMir. Methodology/Principal Findings: We employed a proteomics technique called “stable isotope labelling by amino acids in cell culture” (SILAC), which allows relative quantification, to reliably identify target proteins of miR-155. Using SILAC, we identified 46 putative miR-155 target proteins, some of which were previously reported. With luciferase reporter assays, CKAP5 was confirmed as a new target of miR-155. Functional annotation of miR-155 target proteins pointed to a role in cell cycle regulation. Conclusions/Significance: To the best of our knowledge, we have investigated for the first time miR-155 target proteins in the HEK293T cell line at large scale. In addition, by comparing our results to previously identified miR-155 target proteins i

    Improved Signature Schemes for Secure Multi-Party Computation with Certified Inputs

    The motivation for this work comes from the need to strengthen the security of secure multi-party protocols with the ability to guarantee that the participants provide their truthful inputs to the computation. This is outside the traditional security models, even in the presence of malicious participants, but input manipulation can often lead to privacy and result-correctness violations. Thus, in this work we treat the problem of combining secure multi-party computation (SMC) techniques based on secret sharing with signatures to enforce input correctness in the form of certification. We modify two currently available signature schemes to achieve private verification and efficient batch verification, and show how to integrate them with two prominent SMC protocols.

    Consensus from Signatures of Work

    Assuming the existence of a public-key infrastructure (PKI), digital signatures are a fundamental building block in the design of secure consensus protocols with optimal resilience. More recently, with the advent of blockchain protocols like Bitcoin, consensus has been considered in the "permissionless" setting, where no authentication or even point-to-point communication is available. Yet, despite some positive preliminary results, there has been no attempt to formalize a building block that is sufficient for designing consensus protocols in this setting. In this work we fill this void by putting forth a formalization of such a primitive, which we call signatures of work (SoW). Distinctive features of our new notion are: a lower bound on the number of steps required to produce a signature; fast verification; moderate unforgeability, meaning that producing a sequence of SoWs for chosen messages does not provide an advantage to an adversary in terms of running time; and signing time independence, which is most relevant in concurrent multi-party applications, as we show. Armed with SoW, we then present a new permissionless consensus protocol which is secure assuming an honest majority of computational power, thus providing a blockchain counterpart to the classical Dolev-Strong consensus protocol. The protocol is built on top of a SoW-based blockchain and standard properties of the underlying hash function, thus improving on the only known provably secure consensus protocol in this setting, which relies on the random-oracle model in a fundamental way.

    Blockchains from Non-Idealized Hash Functions

    The formalization of concrete, non-idealized hash function properties sufficient to prove the security of Bitcoin and related protocols has been elusive, as all previous security analyses of blockchain protocols have been performed in the random oracle model. In this paper we identify three such properties, and then construct a blockchain protocol whose security can be reduced to them in the standard model assuming a common reference string (CRS). The three properties are: collision resistance, computational randomness extraction and iterated hardness. While the first two properties have been extensively studied, iterated hardness has been empirically stress-tested since the rise of Bitcoin; in fact, as we demonstrate in this paper, any attack against it (assuming the other two properties hold) results in an attack against Bitcoin. In addition, iterated hardness puts forth a new class of search problems which we term iterated search problems (ISP). ISPs enable the concise and modular specification of blockchain protocols, and may be of independent interest.

    Balloon Hashing: A Memory-Hard Function Providing Provable Protection Against Sequential Attacks

    We present the Balloon password-hashing algorithm. This is the first practical cryptographic hash function that: (i) has proven memory-hardness properties in the random-oracle model, (ii) uses a password-independent access pattern, and (iii) meets or exceeds the performance of the best heuristically secure password-hashing algorithms. Memory-hard functions require a large amount of working space to evaluate efficiently, and when used for password hashing they dramatically increase the cost of offline dictionary attacks. In this work, we leverage a previously unstudied property of a certain class of graphs (“random sandwich graphs”) to analyze the memory-hardness of the Balloon algorithm. The techniques we develop are general: we also use them to give a proof of security of the scrypt and Argon2i password-hashing functions in the random-oracle model. Our security analysis uses a sequential model of computation, which essentially captures attacks that run on single-core machines. Recent work shows how to use massively parallel special-purpose machines (e.g., with hundreds of cores) to attack Balloon and other memory-hard functions. We discuss these important attacks, which are outside of our adversary model, and propose practical defenses against them. To motivate the need for security proofs in the area of password hashing, we demonstrate and implement a practical attack against Argon2i that successfully evaluates the function with less space than was previously claimed possible. Finally, we use experimental results to compare the performance of the Balloon hashing algorithm to other memory-hard functions.

    Scoring of surface parameters of physiological relevance to surfactant therapy in respiratory distress syndrome

    The Wilhelmy balance was used for in vitro testing of surface parameters of surfactants used for respiratory distress syndrome therapy. Two commercial protein-free surfactants, ALEC and Exosurf, were compared with pure forms of the three main phospholipids in natural surfactants, dipalmitoyl phosphatidylcholine (PC), phosphatidylglycerol (PG), and phosphatidylethanolamine (PE), and their binary mixtures, PC with PE and PG each in the ratio 2:3. Surface excess films (15 Å²/molecule) were compressed at 1.2 cycles/min past collapse to a compression ratio of 4:1. The maximum surface pressure, spreading time, compressibility, respreading ratio, recruitment index, and hysteresis area were compared. A consolidated list of criteria for selection of suitable surfactants was compiled from the literature. A relative scoring system was devised for comparison based on these criteria. PC/PG (2:3) performed the best, as it fulfilled all the criteria and obtained the highest relative score. Exosurf also performed well, except on the respreading criterion. ALEC and PC/PE were equivalent in their performance and performed well, except on two criteria: hysteresis area and recruitment index. Thus the scoring system proposed here proved valuable for rating the overall efficacy as well as the relative merits of surfactant formulations.