PERKS: Persistent and Distributed Key Acquisition for Secure Storage from Passwords

We investigate how users of instant messaging (IM) services can acquire strong encryption keys to back up their messages and media with strong cryptographic guarantees. Many IM users regularly change their devices and use multiple devices simultaneously, ruling out any long-term secret storage. Extending the end-to-end encryption guarantees from just message communication to also incorporate backups has so far required either some trust in an IM or outsourced storage provider, or use of costly third-party encryption tools with unclear security guarantees. Recent works have proposed solutions for password-protected key material, however all require one or more servers to generate and/or store per-user information, inevitably invoking a cost to the users. We define distributed key acquisition (DKA) as the primitive for the task at hand, where a user interacts with one or more servers to acquire a strong cryptographic key, and both user and server are required to store as little as possible. We present a construction framework that we call PERKS---Password-based Establishment of Random Keys for Storage---providing efficient, modular and simple protocols that utilize Oblivious Pseudorandom Functions (OPRFs) in a distributed manner with minimal storage by the user (just the password) and servers (a single global key for all users). Along the way we introduce a formal treatment of DKA, and provide proofs of security for our constructions in their various flavours. Our approach enables key rotation by the OPRF servers, and for this we incorporate updatable encryption. Finally, we show how our constructions fit neatly with recent research on encrypted outsourced storage to provide strong security guarantees for the outsourced ciphertexts

Extending Updatable Encryption: Public Key, Tighter Security and Signed Ciphertexts

Updatable encryption is a useful primitive that enables key rotation for storing data on an untrusted storage provider without the leaking anything about the plaintext or the key. In this work, we make two contributions. Firstly, we extend updatable encryption to the public-key setting, providing its security model and three different efficient constructions. Using a public-key updatable encryption scheme, a user can receive messages directly in the cloud from multiple senders without revealing their secret key. Secondly, we add signatures on ciphertexts to guarantee plaintext integrity and authenticity. We call our new primitive \emph{Public-Key Signable Updatable Encryption} ($\mathsf{PSigUE}$). Our approach ensures that only legitimate ciphertexts are accepted by the server, and the adversary cannot compromise the message integrity in the database. We bypass the conflict between public integrity verification and the malleability that comes from the update functionality. We provide three pairing-based constructions of public-key signable updatable encryption. The first scheme, $\mathsf{PSigUE}_1$, is built using a dual-mode zero-knowledge proof of knowledge system under an assumption closely related to the $k$-linear assumption. The second scheme, $\mathsf{PSigUE}_2$, provides unlinkability in addition to public authenticity. In the third scheme, $\mathsf{PSigUE}_\mathsf{T}$, we achieve the tight security with respect of number of epochs. The construction of $\mathsf{PSigUE}_\mathsf{T}$ is inspired by tag-based tightly-secure PKE schemes

Fast and Secure Updatable Encryption

Updatable encryption allows a client to outsource ciphertexts to some untrusted server and periodically rotate the encryption key. The server can update ciphertexts from an old key to a new key with the help of an update token, received from the client, which should not reveal anything about keys or plaintexts to an adversary. We provide a new and highly efficient suite of updatable encryption schemes that we collectively call SHINE. In the variant designed for short messages, ciphertext generation consists of applying one permutation and one exponentiation (per message block), while updating ciphertexts requires just one exponentiation. Variants for longer messages provide much stronger security guarantees than prior work that has comparable efficiency. We present a new confidentiality notion for updatable encryption schemes that implies prior notions. We prove that SHINE is secure under our new confidentiality definition while also providing ciphertext integrity

Asthma, body mass and aerobic fitness, the relationship in adolescents: The exercise for asthma with commando Joe’s® (X4ACJ) trial

Although an association has been suggested between asthma, obesity, fitness and physical activity, the relationship between these parameters remains to be elucidated in adolescents. Six-hundred and sixteen adolescents were recruited (334 boys; 13.0 ± 1.1years; 1.57 ± 0.10m; 52.6 ± 12.9kg), of which 155 suffered from mild-to-moderate asthma (78 boys). Participants completed a 20-metre shuttle run test, lung function and 7-day objective physical activity measurements and completed asthma control and quality of life questionnaires. Furthermore, 69 adolescents (36 asthma; 21 boys) completed an incremental ramp cycle ergometer test. Although participants with asthma completed significantly fewer shuttle runs than their peers, peak V̇O2 did not differ between the groups. However, adolescents with asthma engaged in less physical activity (53.9 ± 23.5 vs 60.5 ± 23.6minutes) and had higher BMI (22.2 ± 4.8 vs 20.4 ± 3.7kg·m-2), than their peers. Whilst a significant relationship was found between quality of life and cardiorespiratory fitness according to peak V̇O2, only BMI was revealed as a significant predictor of asthma status. The current findings highlight the need to use accurate measures of cardiorespiratory fitness rather than indirect estimates to assess the influence of asthma during adolescence. Furthermore, the present study suggests that BMI and fitness may be key targets for future interventions seeking to improve asthma quality of life

Scale-dependent spatial patterns in benthic communities around a tropical island seascape

Understanding and predicting patterns of spatial organization across ecological communities is central to the field of landscape ecology, and a similar line of inquiry has begun to evolve sub-tidally among seascape ecologists. Much of our current understanding of the processes driving marine community patterns, particularly in the tropics, has come from small-scale, spatially-discrete data that are often not representative of the broader seascape. Here we expand the spatial extent of seascape ecology studies and combine spatially-expansive in situ digital imagery, oceanographic measurements, spatial statistics, and predictive modeling to test whether predictable patterns emerge between coral reef benthic competitors across scales in response to intra-island gradients in physical drivers. We do this around the entire circumference of a remote, uninhabited island in the central Pacific (Jarvis Island) that lacks the confounding effects of direct human impacts. We show, for the first time, that competing benthic groups demonstrate predictable scaling patterns of organization, with positive autocorrelation in the cover of each group at scales \u3c ~1 km. Moreover, we show how gradients in subsurface temperature and surface wave power drive spatially-abrupt transition points in group dominance, explaining 48–84% of the overall variation in benthic cover around the island. Along the western coast, we documented ten times more sub-surface cooling-hours than any other part of the coastline, with events typically resulting in a drop of 1–4°C over a period of \u3c 5 h. These high frequency temperature fluctuations are indicative of upwelling induced by internal waves and here result in localized nitrogen enrichment (NO 2 + NO 3 ) that promotes hard coral dominance around 44% of the island\u27s perimeter. Our findings show that, in the absence of confounding direct human impacts, the spatial organization of coral reef benthic competitors are predictable and somewhat bounded across the seascape by concurrent gradients in physical drivers

Preclinical Evaluation of AZ12601011 and AZ12799734, Inhibitors of Transforming Growth Factor β Superfamily Type 1 Receptors.

The transforming growth factor β (TGFβ) superfamily includes TGFβ, activins, inhibins, and bone morphogenetic proteins (BMPs). These extracellular ligands have essential roles in normal tissue homeostasis by coordinately regulating cell proliferation, differentiation, and migration. Aberrant signaling of superfamily members, however, is associated with fibrosis as well as tumorigenesis, cancer progression, metastasis, and drug-resistance mechanisms in a variety of cancer subtypes. Given their involvement in human disease, the identification of novel selective inhibitors of TGFβ superfamily receptors is an attractive therapeutic approach. Seven mammalian type 1 receptors have been identified that have context-specific roles depending on the ligand and the complex formation with the type 2 receptor. Here, we characterize the biologic effects of two transforming growth factor β receptor 1 (TGFBR1) kinase inhibitors designed to target TGFβ signaling. AZ12601011 [2-(2-pyridinyl)-4-(1H-pyrrolo[3,2-c]pyridin-1-yl)-6,7-dihydro-5H-cyclopenta[d]pyrimidine]; structure previously undisclosed] and AZ12799734 [4-({4-[(2,6-dimethyl-3-pyridinyl)oxy]-2-pyridinyl}amino)benzenesulfonamide] (IC50 = 18 and 47 nM, respectively) were more effective inhibitors of TGFβ-induced reporter activity than SB-431542 [4-[4-(1,3-benzodioxol-5-yl)-5-(2-pyridinyl)-1H-imidazol-2-yl]benzamide] (IC50 = 84 nM) and LY2157299 [4-[2-(6-methylpyridin-2-yl)-5,6-dihydro-4H-pyrrolo[1,2-b]pyrazol-3-yl]quinoline-6-carboxamide monohydrate]] (galunisertib) (IC50 = 380 nM). AZ12601011 inhibited phosphorylation of SMAD2 via the type 1 receptors activin A receptor type 1B (ALK4), TGFBR1, and activin A receptor type 1C (ALK7). AZ12799734, however, is a pan TGF/BMP inhibitor, inhibiting receptor-mediated phosphorylation of SMAD1 by activin A receptor type 1L, bone morphogenetic protein receptor type 1A, and bone morphogenetic protein receptor type 1B and phosphorylation of SMAD2 by ALK4, TGFBR1, and ALK7. AZ12601011 was highly effective at inhibiting basal and TGFβ-induced migration of HaCaT keratinocytes and, furthermore, inhibited tumor growth and metastasis to the lungs in a 4T1 syngeneic orthotopic mammary tumor model. These inhibitors provide new reagents for investigating in vitro and in vivo pathogenic processes and the contribution of TGFβ- and BMP-regulated signaling pathways to disease states

Thermal Behaviour of Synovene and Oleamide in Oil Adsorbed on Steel

Abstract: Oleamide and Synovene lubricant additives when mixed together show a clear co-operative effect leading to friction and wear reduction. Sum Frequency Generation vibrational spectroscopy has been used to record in situ spectra of these additives with the aim of understanding the behaviour of these molecules when adsorbed on steel immersed in a model base oil at pre-selected temperatures. The spectra of the individual components and of mixtures have been recorded up to 130 °C. Individual spectra from both molecules have been distinguished using per-deuterated oleamide. The temperature at which maximum ordered adsorption of pure Synovene molecules occurs drops from ~ 130 to ~ 70 °C in the mixture with oleamide. Our results show that co-adsorption occurs, which causes a change in net polar orientation of the oleamide component suggesting the hydrocarbon chains of the oleamide molecules reverse their polar orientation when Synovene is present. The net effect of co-adsorption and change in orientation as well as conformation of the two molecules could explain the reduction of friction and wear observed at the metal–metal interface

Security Analysis of the WhatsApp End-to-End Encrypted Backup Protocol

WhatsApp is an end-to-end encrypted (E2EE) messaging service used by billions of people. In late 2021, WhatsApp rolled out a new protocol for backing up chat histories. The E2EE WhatsApp backup protocol (WBP) allows users to recover their chat history from passwords, leaving WhatsApp oblivious of the actual encryption keys. The WBP builds upon the OPAQUE framework for password-based key exchange, which is currently undergoing standardization. While considerable efforts have gone into the design and auditing of the WBP, the complexity of the protocol’s design and shortcomings in the existing security analyses of its building blocks make it hard to understand the actual security guarantees that the WBP provides. In this work, we provide the first formal security analysis of the WBP. Our analysis in the universal composability (UC) framework confirms that the WBP provides strong protection of users’ chat history and passwords. It also shows that a corrupted server can under certain conditions make more password guesses than what previous analysis suggests

Mapping Public Engagement with Research in a UK University

Notwithstanding that ‘public engagement’ is conceptualised differently internationally and in different academic disciplines, higher education institutions largely accept the importance of public engagement with research. However, there is limited evidence on how researchers conceptualise engagement, their views on what constitutes engagement and the communities they would (or would not) like to engage with. This paper presents the results of a survey of researchers in the Open University that sought to gather data to fill these gaps. This research was part of an action research project designed to embed engagement in the routine practices of researchers at all levels. The findings indicate that researchers have a relatively narrow view of public engagement with research and the communities with which they interact. It also identified that very few strategically evaluate their public engagement activities. We conclude by discussing some of the interventions we have introduced with the aim of broadening and deepening future researcher engagement