The Expectation Monad in Quantum Foundations

The expectation monad is introduced abstractly via two composable adjunctions, but concretely captures measures. It turns out to sit in between known monads: on the one hand the distribution and ultrafilter monad, and on the other hand the continuation monad. This expectation monad is used in two probabilistic analogues of fundamental results of Manes and Gelfand for the ultrafilter monad: algebras of the expectation monad are convex compact Hausdorff spaces, and are dually equivalent to so-called Banach effect algebras. These structures capture states and effects in quantum foundations, and also the duality between them. Moreover, the approach leads to a new re-formulation of Gleason's theorem, expressing that effects on a Hilbert space are free effect modules on projections, obtained via tensoring with the unit interval.Comment: In Proceedings QPL 2011, arXiv:1210.029

DNA-Sequence Variation Among Schistosoma mekongi Populations and Related Taxa; Phylogeography and the Current Distribution of Asian Schistosomiasis

Schistosomiasis is a disease caused by parasitic worms of the genus Schistosoma. In the lower Mekong river, schistosomiasis in humans is called Mekong schistosomiasis and is caused by Schistosoma mekongi. In the past, Mekong schistosomiasis was known only from the lower Mekong river. Here DNA-sequence variation is used to study the relationships and history of populations of S. mekongi. Populations from other rivers are compared and shown to be S. mekongi, thus confirming that this species is not restricted to only a small section of one river. The dates of divergence among populations are also estimated. Prior to this study it was assumed that S. mekongi originated in Yunnan, China, migrated southwards across Laos and into Cambodia, later becoming extinct in Laos (due to conditions unsuitable for transmission). In contrast, the dates estimated here indicate that S. mekongi entered Cambodia from Vietnam, 2.5–1 Ma. The pattern of genetic variation fits better with a more recent, and ongoing, northwards migration from Cambodia into Laos. The implications are that Mekong schistosomiasis is more widespread than once thought and that the human population at risk is up to 10 times greater than originally estimated. There is also an increased possibility of the spread of Mekong schistosomiasis across Laos

Towards Provably Robust Watermarking

Watermarking techniques are used to help identifying copies of publicly released information. They consist in applying a slight and secret modification to the data before its release, in a way that should be robust, ie., remain recognizable even in (reasonably) modified copies of the data. In this paper, we present new results about the robustness of watermarking schemes against arbitrary attackers, and the formalization of those results in Coq. We used the ALEA library, which formalizes probability theory and models probabilistic programs using a simple monadic translation. This work illustrates the strengths and particularities of the induced style of reasoning about probabilistic programs. Our technique for proving robustness is adapted from methods commonly used for cryptographic protocols, and we discuss its relevance to the field of watermarking

Cardiovascular and hormonal aspects of very-low-carbohydrate ketogenic diets

In recent years, restriction of carbohydrate intake for weight loss has become widespread. Our research group began studying physiological responses to very‐low‐carbohydrate ketogenic diets (VLCKDs) in the late 1990s because we felt there was a significant void in the literature and limited understanding of metabolic responses to VLCKDs. This launched us into a line of research examining the physiological effects of VLCKDs. In this paper, we briefly overview nine studies we have published on isoenergetic and hypoenergetic VLCKDs in men and women. These studies have focused on blood lipid responses to VLCKDs, but we have also addressed changes in body weight, body composition, and hormones. Compared with low‐fat diets, short‐term VLCKDs consistently result in improvements in fat loss, fasting and postprandial triacylglycerols, high‐density lipoprotein‐cholesterol, the distribution of low‐density lipoprotein‐cholesterol subclasses, and insulin resistance. These are the key metabolic abnormalities of metabolic syndrome, a problem of epidemic proportions in the United States. There is substantial variability in total cholesterol and low‐density lipoprotein‐cholesterol responses to VLCKD. The factors responsible for this variability are not known, and studies designed to identify methods to predict blood lipid responses to VLCKD and other dietary approaches represent critical areas for nutrition researchers. Further research is warranted to validate the physiological effects of VLCKD over longer periods of time, including studies that modify the quality of macronutrients (i.e., the type of fat and protein) and the interaction with other interventions (e.g., exercise, dietary supplements, drugs)

Programming language techniques for cryptographic proofs

CertiCrypt is a general framework to certify the security of cryptographic primitives in the Coq proof assistant. CertiCrypt adopts the code-based paradigm, in which the statement of security, and the hypotheses under which it is proved, are expressed using probabilistic programs. It provides a set of programming language tools (observational equivalence, relational Hoare logic, semantics-preserving program transformations) to assist in constructing proofs. Earlier publications of CertiCrypt provide an overview of its architecture and main components, and describe its application to signature and encryption schemes. This paper describes programming language techniques that arise specifically in cryptographic proofs. The techniques have been developed to complete a formal proof of IND-CCA security of the OAEP padding scheme. In this paper, we illustrate their usefulness for showing the PRP/PRF Switching Lemma, a fundamental cryptographic result that bounds the probability of an adversary to distinguish a family of pseudorandom functions from a family of pseudorandom permutations

A Framework for Game-Based Security Proofs ⋆

Abstract. To be accepted, a cryptographic scheme must come with a proof that it satisfies some standard security properties. However, because cryptographic schemes are based on non-trivial mathematics, proofs are error-prone and difficult to check. The main contributions of this paper are a refinement of the game-based approach to security proofs, and its implementation on top of the proof assistant Coq. The proof assistant checks that the proof is correct and deals with the mundane part of the proof. An interesting feature of our framework is that our proofs are formal enough to be mechanically checked, but still readable enough to be humanly checked. We illustrate the use of our framework by proving in a systematic way the so-called semantic security of the encryption scheme Elgamal and its hashed version

Beyond Provable Security Verifiable IND-CCA Security of OAEP

International audienceOAEP is a widely used public-key encryption scheme based on trapdoor permutations. Its security proof has been scrutinized and amended repeatedly. Fifteen years after the introduction of OAEP, we present a machine-checked proof of its security against adaptive chosen-ciphertext attacks under the assumption that the underlying permutation is partial-domain one-way. The proof can be independently verified by running a small and trustworthy proof checker and fixes minor glitches that have subsisted in published proofs. We provide an overview of the proof, highlight the differences with earlier works, and explain in some detail a crucial step in the reduction: the elimination of indirect queries made by the adversary to random oracles via the decryption oracle. We also provide—within the limits of a conference paper—a broader perspective on independently verifiable security proofs

Verified Indifferentiable Hashing into Elliptic Curves

Abstract. Many cryptographic systems based on elliptic curves are proven secure in the Random Oracle Model, assuming there exist probabilistic functions that map elements in some domain (e.g. bitstrings) onto uniformly and independently distributed points in a curve. When implementing such systems, and in order for the proof to carry over to the implementation, those mappings must be instantiated with concrete constructions whose behavior does not deviate significantly from random oracles. In contrast to other approaches to public-key cryptography, where candidates to instantiate random oracles have been known for some time, the first generic construction for hashing into ordinary elliptic curves indifferentiable from a random oracle was put forward only recently by Brier et al. We present a machine-checked proof of this construction. The proof is based on an extension of the CertiCrypt framework with logics and mechanized tools for reasoning about approximate forms of observational equivalence, and integrates mathematical libraries of group theory and elliptic curves.

Computer-Aided Cryptographic Proofs

Abstract. EasyCrypt is an automated tool that supports the machinechecked construction and verification of security proofs of cryptographic systems, and that has been used toverify emblematic examples of publickeyencryptionschemes, digital signature schemes, hash function designs, and block cipher modes of operation. The purpose of this paper is to motivate the role of computer-aided proofs in the broader context of provable security and to illustrate the workings of EasyCrypt through simple introductory examples.