82 research outputs found

    Output privacy in secure multiparty computation

    Abstract. In secure multiparty computation, a set of mutually mistrusting players engage in a protocol to compute an arbitrary, publicly known polynomial-sized function of the party’s private inputs, in a way that does not reveal (to an adversary controlling some of the players) any knowledge about the remaining inputs, beyond what can be deduced from the obtained output(s). Since its introduction by Yao [39], and Goldreich, Micali and Wigderson [29], this powerful paradigm has received a lot of attention. All throughout, however, very little attention has been given to the privacy of the players’ outputs. Yet, disclosure of (part of) the output(s) may have serious consequences for the overall security of the application e.g., when the computed output is a secret key; or when the evaluation of the function is part of a larger computation, so that the function’s output(s) will be used as input(s) in the next phase. In this work, we define the notion of private-output multiparty computation. This newly revised notion encompasses (as a particular case) the classical definition and allows a set of players to jointly compute the output of a common function in such a way that the execution of the protocol reveals no information (to an adversary controlling some of the players) about (some part of) the outputs (other than what follows from the description of the function itself). Next, we formall

    Provably-Secure Authenticated Group Diffie-Hellman Key Exchange

    Abstract: Authenticated key exchange protocols allow two participants A and B, communicating over a public network and each holding an authentication means, to exchange a shared secret value. Methods designed to deal with this cryptographic problem ensure A (resp. B) that no other participants aside from B (resp. A) can learn any information about the agreed value, and often also ensure A and B that their respective partner has actually computed this value. A natural extension to this cryptographic method is to consider a pool of participants exchanging a shared secret value and to provide a formal treatment for it. Starting from the famous 2-party Diffie-Hellman (DH) key exchange protocol, and from its authenticated variants, security experts have extended it to the multi-party setting for over a decade and completed a formal analysis in the framework of modern cryptography in the past few years. The present paper synthesizes this body of work on the provably-secure authenticated group DH key exchange. The present paper revisits and combines the full versions of the following four papers

    Broad Clade 2 Cross-Reactive Immunity Induced by an Adjuvanted Clade 1 rH5N1 Pandemic Influenza Vaccine

    The availability of H5N1 vaccines that can elicit a broad cross-protective immunity against different currently circulating clade 2 H5N1 viruses is a pre-requisite for the development of a successful pre-pandemic vaccination strategy. In this regard, it has recently been shown that adjuvantation of a recombinant clade 1 H5N1 inactivated split-virion vaccine with an oil-in-water emulsion-based adjuvant system also promoted cross-immunity against a recent clade 2 H5N1 isolate (A/Indonesia/5/2005, subclade 2.1). Here we further analyse the cross-protective potential of the vaccine against two other recent clade 2 isolates (A/turkey/Turkey/1/2005 and A/Anhui/1/2005 which are, as defined by WHO, representatives of subclades 2.2 and 2.3 respectively). Two doses of the recombinant A/Vietnam/1194/2004 (H5N1, clade 1) vaccine were administered 21 days apart to volunteers aged 18-60 years. We studied the cross-clade immunogenicity of the lowest antigen dose (3.8 microg haemagglutinin) given with (N = 20) or without adjuvant (N = 20). Immune responses were assessed at 21 days following the first and second vaccine doses and at 6 months following first vaccination. Vaccination with two doses of 3.8 microg of the adjuvanted vaccine induced four-fold neutralising seroconversion rates in 85% of subjects against A/turkey/Turkey/1/2005 (subclade 2.2) and 75% of subjects against A/Anhui/1/2005 (subclade 2.3) recombinant strains. There was no response induced against these strains in the non-adjuvanted group. At 6 months following vaccination, 70% and 60% of subjects retained neutralising antibodies against the recombinant subclade 2.2 and 2.3 strains, respectively and 40% of subjects retained antibodies against the recombinant subclade 2.1 A/Indonesia/5/2005 strain. In addition to antigen dose-sparing, adjuvantation of inactivated split H5N1 vaccine promotes broad and persistent cross-clade immunity which is a pre-requisite for a pre-pandemic vaccine. ClinicalTrials.gov NCT00309634

    Association of the PHACTR1/EDN1 genetic locus with spontaneous coronary artery dissection

    Background: Spontaneous coronary artery dissection (SCAD) is an increasingly recognized cause of acute coronary syndromes (ACS) afflicting predominantly younger to middle-aged women. Observational studies have reported a high prevalence of extracoronary vascular anomalies, especially fibromuscular dysplasia (FMD) and a low prevalence of coincidental cases of atherosclerosis. PHACTR1/EDN1 is a genetic risk locus for several vascular diseases, including FMD and coronary artery disease, with the putative causal noncoding variant at the rs9349379 locus acting as a potential enhancer for the endothelin-1 (EDN1) gene. Objectives: This study sought to test the association between the rs9349379 genotype and SCAD. Methods: Results from case control studies from France, United Kingdom, United States, and Australia were analyzed to test the association with SCAD risk, including age at first event, pregnancy-associated SCAD (P-SCAD), and recurrent SCAD. Results: The previously reported risk allele for FMD (rs9349379-A) was associated with a higher risk of SCAD in all studies. In a meta-analysis of 1,055 SCAD patients and 7,190 controls, the odds ratio (OR) was 1.67 (95% confidence interval [CI]: 1.50 to 1.86) per copy of rs9349379-A. In a subset of 491 SCAD patients, the OR estimate was found to be higher for the association with SCAD in patients without FMD (OR: 1.89; 95% CI: 1.53 to 2.33) than in SCAD cases with FMD (OR: 1.60; 95% CI: 1.28 to 1.99). There was no effect of genotype on age at first event, P-SCAD, or recurrence. Conclusions: The first genetic risk factor for SCAD was identified in the largest study conducted to date for this condition. This genetic link may contribute to the clinical overlap between SCAD and FMD

    Cold atoms in space: community workshop summary and proposed road-map

    We summarise the discussions at a virtual Community Workshop on Cold Atoms in Space concerning the status of cold atom technologies, the prospective scientific and societal opportunities offered by their deployment in space, and the developments needed before cold atoms could be operated in space. The cold atom technologies discussed include atomic clocks, quantum gravimeters and accelerometers, and atom interferometers. Prospective applications include metrology, geodesy and measurement of terrestrial mass change due to, e.g., climate change, and fundamental science experiments such as tests of the equivalence principle, searches for dark matter, measurements of gravitational waves and tests of quantum mechanics. We review the current status of cold atom technologies and outline the requirements for their space qualification, including the development paths and the corresponding technical milestones, and identifying possible pathfinder missions to pave the way for missions to exploit the full potential of cold atoms in space. Finally, we present a first draft of a possible road-map for achieving these goals, that we propose for discussion by the interested cold atom, Earth Observation, fundamental physics and other prospective scientific user communities, together with the European Space Agency (ESA) and national space and research funding agencies.

    Securing Group Key Exchange against Strong Corruptions

    Abstract. In group key exchange (GKE) protocols users usually extract the group key using some auxiliary (ephemeral) secret information generated during the execution. Strong corruptions are attacks by which an adversary can reveal these ephemeral secrets, in addition to the possibly used long-lived keys. Undoubtedly, security impact of strong corruptions is serious, and thus specifying appropriate security requirements and designing secure GKE protocols appears an interesting yet challenging task — the aim of our paper. We start by investigating the current setting of strong corruptions and derive some refinements such as opening attacks that allow to reveal ephemeral secrets of users without their long-lived keys. This allows to consider even stronger attacks against honest, but “opened” users. Further, we define strong security goals for GKE protocols in the presence of such powerful adversaries and propose a 3-round GKE protocol, named TDH1, which remains immune to their attacks under standard cryptographic assumptions. Our security definitions allow adversaries to register users and specify their long-lived keys, thus, in particular capture attacks of malicious insiders for the appropriate security goals such as mutual authentication, key confirmation, contributiveness, key control and key-replication resilience. Key words: Authenticated group key exchange, mutual authentication, contributiveness, insider attacks, strong corruptions, key registration, Tree Diffie-Hellma