Design and analysis of the radiator structure for space power systems

The design, analysis, fabrication, and development of the 5-kWe radiator structure are shown. Thermal performance, meteoroid protection, structural capability during launch, development testing and space operation, material evaluation, and the configuration selection are described. The fin-tube development program depends on the relative values of the thermal coefficients of expansion. The initial selection of aluminum fins and Type 316 stainless-steel tubes was based on previous experience; however, the large differential in their expansion rates showed that an alternate, more compatible, combination was needed. Copper, stainless-steel-clad copper, boron-impregnated aluminum, and an independent radiator with a titanium structure were all considered as alternate materials. The final selection was Lockalloy fins with Type 304 stainless-steel D tubes

Accountable authentication with privacy protection: The Larch system for universal login

Credential compromise is hard to detect and hard to mitigate. To address this problem, we present larch, an accountable authentication framework with strong security and privacy properties. Larch protects user privacy while ensuring that the larch log server correctly records every authentication. Specifically, an attacker who compromises a user's device cannot authenticate without creating evidence in the log, and the log cannot learn which web service (relying party) the user is authenticating to. To enable fast adoption, larch is backwards-compatible with relying parties that support FIDO2, TOTP, and password-based login. Furthermore, larch does not degrade the security and privacy a user already expects: the log server cannot authenticate on behalf of a user, and larch does not allow relying parties to link a user across accounts. We implement larch for FIDO2, TOTP, and password-based login. Given a client with four cores and a log server with eight cores, an authentication with larch takes 150ms for FIDO2, 91ms for TOTP, and 74ms for passwords (excluding preprocessing, which takes 1.23s for TOTP).Comment: This is an extended version of a paper appearing at OSDI 202

SNAP 2 POWER CONVERSION SYSTEM. ROTATIONAL SPEED CONTROL. Topical Report No. 18

The rotational speed control for the SNAP 2 power conversion system employs the concept of controlling speed by electrically loading the alternator. Speed is controlled in this manner to plus or minus 1% of nominal. This report covers work performed from March 1, 1960 to July 1, 1961. (auth

Reducing Participation Costs via Incremental Verification for Ledger Systems

Ledger systems are applications run on peer-to-peer networks that provide strong integrity guarantees. However, these systems often have high participation costs. For a server to join this network, the bandwidth and computation costs grow linearly with the number of state transitions processed; for a client to interact with a ledger system, it must either maintain the entire ledger system state like a server or trust a server to correctly provide such information. In practice, these substantial costs centralize trust in the hands of the relatively few parties with the resources to maintain the entire ledger system state. The notion of *incrementally verifiable computation*, introduced by Valiant (TCC \u2708), has the potential to significantly reduce such participation costs. While prior works have studied incremental verification for basic payment systems, the study of incremental verification for a general class of ledger systems remains in its infancy. In this paper we initiate a systematic study of incremental verification for ledger systems, including its foundations, implementation, and empirical evaluation. We formulate a cryptographic primitive providing the functionality and security for this setting, and then demonstrate how it captures applications with privacy and user-defined computations. We build a system that enables incremental verification, for applications such as privacy-preserving payments, with universal (application-independent) setup. Finally, we show that incremental verification can reduce participation costs by orders of magnitude, for a bare-bones version of Bitcoin

Private Web Search with Tiptoe

Tiptoe is a private web search engine that allows clients to search over hundreds of millions of documents, while revealing no information about their search query to the search engine’s servers. Tiptoe’s privacy guarantee is based on cryptography alone; it does not require hardware enclaves or non-colluding servers. Tiptoe uses semantic embeddings to reduce the problem of private full-text search to private nearest-neighbor search. Then, Tiptoe implements private nearest-neighbor search with a new, high-throughput protocol based on linearly homomorphic encryption. Running on a 45-server cluster, Tiptoe can privately search over 360 million web pages with 145 core-seconds of server compute, 56.9 MiB of client-server communication (74% of which occurs before the client enters its search query), and 2.7 seconds of end-to-end latency. Tiptoe’s search works best on conceptual queries (“knee pain”) and less well on exact string matches (“123 Main Street, New York”). On the MS MARCO search-quality benchmark, Tiptoe ranks the best-matching result in position 7.7 on average. This is worse than a state-of-the-art, non-private neural search algorithm (average rank: 2.3), but is close to the classical tf-idf algorithm (average rank: 6.7). Finally, Tiptoe is extensible: it also supports private text-to-image search and, with minor modifications, it can search over audio, code, and more

Waldo: A Private Time-Series Database from Function Secret Sharing

Applications today rely on cloud databases for storing and querying time-series data. While outsourcing storage is convenient, this data is often sensitive, making data breaches a serious concern. We present Waldo, a time-series database with rich functionality and strong security guarantees: Waldo supports multi-predicate filtering, protects data contents as well as query filter values and search access patterns, and provides malicious security in the 3-party honest-majority setting. In contrast, prior systems such as Timecrypt and Zeph have limited functionality and security: (1) these systems can only filter on time, and (2) they reveal the queried time interval to the server. Oblivious RAM (ORAM) and generic multiparty computation (MPC) are natural choices for eliminating leakage from prior work, but both of these are prohibitively expensive in our setting due to the number of roundtrips and bandwidth overhead, respectively. To minimize both, Waldo builds on top of function secret sharing, enabling Waldo to evaluate predicates without client interaction. We develop new techniques for applying function secret sharing to the encrypted database setting where there are malicious servers, secret inputs, and chained predicates. With 32-core machines, Waldo runs a query with 8 range predicates over $2^{18}$ records in 3.03s, compared to 12.88s for an MPC baseline and 16.56s for an ORAM baseline. Compared to Waldo, the MPC baseline uses 9 − 82× more bandwidth between servers (for different numbers of records), while the ORAM baseline uses 20 − 152× more bandwidth between the client and server(s) (for different numbers of predicates)

Endometriosis Mimicking a Gynecologic Cancer Presentation

CASE DESCRIPTION: A 44-year-old premenopausal woman with acute abdominal pain, a pelvic mass detected on imaging and microcytic anemia was transferred to Gynecologic Oncology service due to clinical suspicion for pelvic neoplasm. Pelvic exam was notable for a palpable cervical mass, enlarged left adnexa, and nodularity of the parametrium. Computed Tomography demonstrated a 17.6X15.5X13.2cm, complex left adnexal mass with small volume ascites and omental thickening and nodularity, suggesting carcinomatosis. Patient underwent supracervical abdominal hysterectomy, bilateral salpingo-oophorectomy (BSO), omentectomy and radical excision of broad ligament pelvic mass. Intraoperative findings were consistent with large endometrioma. Pathology confirmed the large endometrioma in the broad ligament and endometriosis in the vagina. The ovaries, uterus, and fallopian tubes were negative for endometriosis. The uterine final pathology also demonstrated leiomyomas and an endometrial polyp. Three months after excision, the patient had no other symptoms of endometriosis. CONCLUSIONS: Endometriosis classically presents with symptoms of dysmenorrhea, dyspareunia, or infertility; however, up to 25% of patients remain asymptomatic. Only a few prior case reports have documented acute presentations of endometriosis. In this case, the presentation of fever, atypical laboratory values, pelvic exam findings and suspicious imaging (pelvic mass with omental thickening) led to a differential prioritizing malignancy. Patient underwent surgical resection, with intraoperative pathology consistent with an endometrioma. CLINICAL SIGNIFICANCE: This case of an atypical presentation of endometriosis in a previously asymptomatic patient mimicked a malignant process. Final pathological diagnoses of an endometrioma, endometriosis, leiomyomas, and an endometrial polyp highlight the importance of maintaining a broad differential that includes benign pathology and reliance on histopathological investigation

Snoopy: Surpassing the Scalability Bottleneck of Oblivious Storage

Existing oblivious storage systems provide strong security by hiding access patterns, but do not scale to sustain high throughput as they rely on a central point of coordination. To overcome this scalability bottleneck, we present Snoopy, an object store that is both oblivious and scalable such that adding more machines increases system throughput. Snoopy contributes techniques tailored to the high-throughput regime to securely distribute and efficiently parallelize every system component without prohibitive coordination costs. These techniques enable Snoopy to scale similarly to a plaintext storage system. Snoopy achieves 13.7x higher throughput than Obladi, a state-of-the-art oblivious storage system. Specifically, Obladi reaches a throughput of 6.7K requests/s for two million 160-byte objects and cannot scale beyond a proxy and server machine. For the same data size, Snoopy uses 18 machines to scale to 92K requests/s with average latency under 500ms