HardIDX: Practical and Secure Index with SGX

Software-based approaches for search over encrypted data are still either challenged by lack of proper, low-leakage encryption or slow performance. Existing hardware-based approaches do not scale well due to hardware limitations and software designs that are not specifically tailored to the hardware architecture, and are rarely well analyzed for their security (e.g., the impact of side channels). Additionally, existing hardware-based solutions often have a large code footprint in the trusted environment susceptible to software compromises. In this paper we present HardIDX: a hardware-based approach, leveraging Intel's SGX, for search over encrypted data. It implements only the security critical core, i.e., the search functionality, in the trusted environment and resorts to untrusted software for the remainder. HardIDX is deployable as a highly performant encrypted database index: it is logarithmic in the size of the index and searches are performed within a few milliseconds rather than seconds. We formally model and prove the security of our scheme showing that its leakage is equivalent to the best known searchable encryption schemes. Our implementation has a very small code and memory footprint yet still scales to virtually unlimited search index sizes, i.e., size is limited only by the general - non-secure - hardware resources

Quantum correlations and artificial intelligence

The possibility of using quantum correlations in the process of exchanging information between artificial intelligence systems has been considered. The benefits of using quantum correlations in such process include: high degree of information protection both on the physical level (electric and magnetic noise does not affect quantum correlations) and on the level of confidentiality preservation of information transmitted (any external interference results in data corruption without information disclosure); the possibility of full automation of information transmission process; the process is dissipation free (which follows from that the quantum correlations are performed between the quantum obj ects described by the same wave function); high speed of information transmission (higher than the speed of light). In this case the special relativity postulate concerning the speed of light is not violated, because it relates to inertial systems only; however, quantum correlation due to being dissipation free is an inertialess process (which follows from the well-known, experimentally-verified relationship between mass m and energy E: E = mc2, where с is the speed of light). Feasible approaches to using quantum correlations for information exchange between artificial intelligence systems have been reviewed in the paper, in particular two versions of information transmission between artificial intelligence systems have been considered: with external synchronization of information transmission time and autonomous synchronization performed by interacting artificial intelligence systems. The main difficulty in implementing information transmission by means of quantum correlations is the necessity of using the so-called entangled quantum objects, that is the quantum objects having some mutually-dependent characteristics of their wave functions

Flexible and Robust Privacy-Preserving Implicit Authentication

Implicit authentication consists of a server authenticating a user based on the user's usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication makes identity theft by third parties more difficult, it requires the server to learn and store the user's usage profile. Recently, the first privacy-preserving implicit authentication system was presented, in which the server does not learn the user's profile. It uses an ad hoc two-party computation protocol to compare the user's fresh sampled features against an encrypted stored user's profile. The protocol requires storing the usage profile and comparing against it using two different cryptosystems, one of them order-preserving; furthermore, features must be numerical. We present here a simpler protocol based on set intersection that has the advantages of: i) requiring only one cryptosystem; ii) not leaking the relative order of fresh feature samples; iii) being able to deal with any type of features (numerical or non-numerical). Keywords: Privacy-preserving implicit authentication, privacy-preserving set intersection, implicit authentication, active authentication, transparent authentication, risk mitigation, data brokers.Comment: IFIP SEC 2015-Intl. Information Security and Privacy Conference, May 26-28, 2015, IFIP AICT, Springer, to appea

Involvement of Russian student youth in Internet communications as a factor in the formation of models of their socio-political activity

The methodological, methodological and practical aspects of determining the socio-political activity of student youth by factors of young people involvement in Internet communications, trust in Internet resources, and the use of digital services for satisfying information needs have been revealed. Based on the analysis of the results of sociological research, the role of the information and communication network “Internet” in the formation of young people’s attitudes to various forms of participation in socio-political practices has been highlighted. A number of information sources in the virtual space with political information has been analysed. The article includes information about the conditions and factors that affect the features of virtual communications of young people on political issues. Сonsiderable attention has been paid to the peculiarities of determining the attitudes of young people to participate in elections, as the most obvious form of their political activity. Using the methods of mathematical statistical analysis, the forms of Internet activity of young people have been studied and considered as factors of integration values political activities in dispositional personality structure, political orientation and willingness to co-operate with various actors power relations (political institutions, social movements, parties, groups of political activists), as well as acceptable forms of political behavior. Using the calculation of indices, determining measures of Central trend and variation, as well as other quantitative and qualitative diagnostic tools, a comparative analysis of the results of various sociological studies on the relationship between the level of youth involvement in the Internet space and the degree of political activity has been carried out. The features of student youth perception of political reality depending on the image of political practices in the virtual space have been characterized. Measures to create conditions for the formation of positive attitudes among young people to socially encouraged models of political activity (activity and behavior) have been justified

Social and Cultural Integration and Adaptation of Migrant Children into Norwegian Society in 1990s and 2000s

The authors consider the processes of social and cultural adaptation of migrant children and their integration into the host society in the context of Norway’s immigration policy in the article. Particular attention is paid to the specifics of the country’s immigration policy, strategies for working with immigrant children in the host society, as well as the social consequences of these strategies for Norwegian society. It is emphasized that immigrants and the native population of the country exert mutual influence on each other. Establishment of effective social interactions between them, assimilation of elements of new culture by immigrants has a favorable effect on the internal political stability of the state. It is noted that this is especially important for Norway, which adheres to the policy of multiculturalism. It is concluded that the integration of immigrants into the host community does not happen automatically. The authors also highlight the strengths and weaknesses of the Norwegian immigration policy in relation to children, which to a certain extent calls into question its effectiveness in the long term

SOCIALIZATION OF DIGITAL EDUCATION THROUGH THE ENHANCEMENT OF REMOTE TESTING

The article is based on the results of analysis of educational subjects for bachelors of the 1st, 2nd, and 3d years of education in the socio-adapted system of remote training for various management and economic specialization profiles. According to the conducted study, the course units have been determined for which remote training and controlled assessment are justified, the results of electronic testing of students have been summarized, the dynamics of the results has been revealed, the directions of enhancement of testing and testing material development technologies have been shown, the socio-adapted types of test questions have been highlighted, and examples of typical test questions have been provided, recommendations on the method of presentation of educational material have been formulated

A simple and effective method for ultrastructural analysis of mitosis in Drosophila S2 cells

© 2016 The AuthorsThe Drosophila S2 tissue culture cells are a widely used system for studies on mitosis. S2 cells are particularly sensitive to gene silencing by RNA interference (RNAi), allowing targeted inactivation of mitotic genes. S2 cells are also well suited for high-resolution light microscopy analysis of mitosis in fixed cells, and can be easily immunostained to detect mitotic components. In addition, S2 cells are amenable to transformation with plasmid encoding fluorescently tagged mitotic proteins, allowing in vivo analysis of their behavior throughout cell division. However, S2 cells have not been widely used for transmission electron microscopy (TEM) analysis, which provides ultrastructural details on the morphology of the mitotic apparatus that cannot be obtained with high-resolution confocal microscopy. Here, we describe a simple method for the ultrastructural analysis of mitosis in Drosophila S2 cells. • Our method, which involves fixation and sectioning of a cell pellet, provides excellent preservation of mitotic structures and allows analysis of a higher number of mitotic divisions per sample, compared to correlative light-electron microscopy.• Dividing cells are randomly oriented within the pellet and are sectioned along different planes, providing all-around information on the structure of the mitotic apparatus

Primary hyperparathyroidism with PTH values within the reference range: clinical case of a patient with recurrent nephrolithiasis

Hyperparathyroidism is an endocrine disease characterized by excessive secretion of parathyroid hormone (PTH) by the parathyroid glands. Primary hyperparathyroidism (PHPT) can be diagnosed biochemically with the combination of hypercalcemia and upper-normal or elevated levels of PTH. There are few descriptions of PHPT with normal intact PTH secretion in the literature. The incidence of PHPT among patients with recurrent urolithiasis is 2–8%. We present a clinical case of diagnosing PHPT in a 64-year-old female patient with rare variant of the disease. Before establishing the diagnosis, the main patient complaints were long-term recurrent nephrolithiasis and nephrocalcinosis. Surgical treatment made it possible to achieve rapid normalization of biochemical parameters of calcium-phosphorus metabolism, increase bone mineral density in the lumbar spine, improve the general condition of the patient. This clinical case demonstrates errors and late diagnosis of PHPT associated with poor knowledge of the manifestations of hyperparathyroidism and its masks. The authors recommend to determine the concentrations of total calcium, albumin, serum levels of PTH in patients with clinical picture of PHPT, in order to exclude the disease

Key Rotation for Authenticated Encryption

A common requirement in practice is to periodically rotate the keys used to encrypt stored data. Systems used by Amazon and Google do so using a hybrid encryption technique which is eminently practical but has questionable security in the face of key compromises and does not provide full key rotation. Meanwhile, symmetric updatable encryption schemes (introduced by Boneh et al. CRYPTO 2013) support full key rotation without performing decryption: ciphertexts created under one key can be rotated to ciphertexts created under a different key with the help of a re-encryption token. By design, the tokens do not leak information about keys or plaintexts and so can be given to storage providers without compromising security. But the prior work of Boneh et al. addresses relatively weak confidentiality goals and does not consider integrity at all. Moreover, as we show, a subtle issue with their concrete scheme obviates a security proof even for confidentiality against passive attacks. This paper presents a systematic study of updatable Authenticated Encryption (AE). We provide a set of security notions that strengthen those in prior work. These notions enable us to tease out real-world security requirements of different strengths and build schemes that satisfy them efficiently. We show that the hybrid approach currently used in industry achieves relatively weak forms of confidentiality and integrity, but can be modified at low cost to meet our stronger confidentiality and integrity goals. This leads to a practical scheme that has negligible overhead beyond conventional AE. We then introduce re-encryption indistinguishability, a security notion that formally captures the idea of fully refreshing keys upon rotation. We show how to repair the scheme of Boneh et al., attaining our stronger confidentiality notion. We also show how to extend the scheme to provide integrity, and we prove that it meets our re- encryption indistinguishability notion. Finally, we discuss how to instantiate our scheme efficiently using off-the-shelf cryptographic components (AE, hashing, elliptic curves). We report on the performance of a prototype implementation, showing that fully secure key rotations can be performed at a throughput of approximately 116 kB/s

Subverting Decryption in AEAD

This work introduces a new class of Algorithm Substitution Attack (ASA) on Symmetric Encryption Schemes. ASAs were introduced by Bellare, Paterson and Rogaway in light of revelations concerning mass surveillance. An ASA replaces an encryption scheme with a subverted version that aims to reveal information to an adversary engaged in mass surveillance, while remaining undetected by users. Previous work posited that a particular class of AEAD scheme (satisfying certain correctness and uniqueness properties) is resilient against subversion. Many if not all real-world constructions – such as GCM, CCM and OCB – are members of this class. Our results stand in opposition to those prior results. We present a potent ASA that generically applies to any AEAD scheme, is undetectable in all previous frameworks and which achieves successful exfiltration of user keys. We give even more efficient non-generic attacks against a selection of AEAD implementations that are most used in practice. In contrast to prior work, our new class of attack targets the decryption algorithm rather than encryption. We argue that this attack represents an attractive opportunity for a mass surveillance adversary. Our work serves to refine the ASA model and contributes to a series of papers that raises awareness and understanding about what is possible with ASAs