LNCS

NMAC is a mode of operation which turns a fixed input-length keyed hash function f into a variable input-length function. A practical single-key variant of NMAC called HMAC is a very popular and widely deployed message authentication code (MAC). Security proofs and attacks for NMAC can typically be lifted to HMAC. NMAC was introduced by Bellare, Canetti and Krawczyk [Crypto'96], who proved it to be a secure pseudorandom function (PRF), and thus also a MAC, assuming that (1) f is a PRF and (2) the function we get when cascading f is weakly collision-resistant. Unfortunately, HMAC is typically instantiated with cryptographic hash functions like MD5 or SHA-1 for which (2) has been found to be wrong. To restore the provable guarantees for NMAC, Bellare [Crypto'06] showed its security based solely on the assumption that f is a PRF, albeit via a non-uniform reduction. - Our first contribution is a simpler and uniform proof for this fact: If f is an ε-secure PRF (against q queries) and a δ-non-adaptively secure PRF (against q queries), then NMAC f is an (ε+ℓqδ)-secure PRF against q queries of length at most ℓ blocks each. - We then show that this ε+ℓqδ bound is basically tight. For the most interesting case where ℓqδ ≥ ε we prove this by constructing an f for which an attack with advantage ℓqδ exists. This also violates the bound O(ℓε) on the PRF-security of NMAC recently claimed by Koblitz and Menezes. - Finally, we analyze the PRF-security of a modification of NMAC called NI [An and Bellare, Crypto'99] that differs mainly by using a compression function with an additional keying input. This avoids the constant rekeying on multi-block messages in NMAC and allows for a security proof starting by the standard switch from a PRF to a random function, followed by an information-theoretic analysis. We carry out such an analysis, obtaining a tight ℓq2/2 c bound for this step, improving over the trivial bound of ℓ2q2/2c. The proof borrows combinatorial techniques originally developed for proving the security of CBC-MAC [Bellare et al., Crypto'05]

Interpain A, a Cysteine Proteinase from Prevotella intermedia, Inhibits Complement by Degrading Complement Factor C3

Periodontitis is an inflammatory disease of the supporting structures of the teeth caused by, among other pathogens, Prevotella intermedia. Many strains of P. intermedia are resistant to killing by the human complement system, which is present at up to 70% of serum concentration in gingival crevicular fluid. Incubation of human serum with recombinant cysteine protease of P. intermedia (interpain A) resulted in a drastic decrease in bactericidal activity of the serum. Furthermore, a clinical strain 59 expressing interpain A was more serum-resistant than another clinical strain 57, which did not express interpain A, as determined by Western blotting. Moreover, in the presence of the cysteine protease inhibitor E64, the killing of strain 59 by human serum was enhanced. Importantly, we found that the majority of P. intermedia strains isolated from chronic and aggressive periodontitis carry and express the interpain A gene. The protective effect of interpain A against serum bactericidal activity was found to be attributable to its ability to inhibit all three complement pathways through the efficient degradation of the α-chain of C3—the major complement factor common to all three pathways. P. intermedia has been known to co-aggregate with P. gingivalis, which produce gingipains to efficiently degrade complement factors. Here, interpain A was found to have a synergistic effect with gingipains on complement degradation. In addition, interpain A was able to activate the C1 complex in serum, causing deposition of C1q on inert and bacterial surfaces, which may be important at initial stages of infection when local inflammatory reaction may be beneficial for a pathogen. Taken together, the newly characterized interpain A proteinase appears to be an important virulence factor of P. intermedia

Genetic and developmental analysis of adenosine deaminase-related growth factors C and D in Drosophilla melanogaster.

The thesis presents genetic and developmental studies of two Drosophilla genes, ADGF-C and ADGF-D and it is divided into 3 parts. The 1st part provides a characterization of the whole ADGF multigene family containing six members. The ADGFs are active adenosine deaminases converting adenosine or deoxyadenosine to inosine or deoxyinosine. The in vitro experiments with imaginal disc cell line C18+ revealed the mitogenic activity of ADGF proteins, which is connected to their enzymatic activity. In the 2nd part, the mutagenesis of ADGF family is described. The employing of modified Ends-in homologous recombination - targeting method led to production of mutations in five members of ADGF family. The 3rd part of presented thesis reports the variety of phenotypes displayed by ADGF-C and -D mutant flies. According to obtained results the ADGF-C and -D proteins are involved in many processes including early axis formation, bristle development, locomotion activity and female fertility. We also showed a possible interaction with the JH pathway.Available from STL Prague, CZ / NTK - National Technical LibrarySIGLECZCzech Republi

On the memory hardness of data independent password hashing functions

We show attacks on five data-independent memory-hard functions (iMHF) that were submitted to the password hashing competition (PHC). Informally, an MHF is a function which cannot be evaluated on dedicated hardware, like ASICs, at significantly lower hardware and/or energy cost than evaluating a single instance on a standard single-core architecture. Data-independent means the memory access pattern of the function is independent of the input; this makes iMHFs harder to construct than data-dependent ones, but the latter can be attacked by various side-channel attacks. Following [Alwen-Blocki'16], we capture the evaluation of an iMHF as a directed acyclic graph (DAG). The cumulative parallel pebbling complexity of this DAG is a measure for the hardware cost of evaluating the iMHF on an ASIC. Ideally, one would like the complexity of a DAG underlying an iMHF to be as close to quadratic in the number of nodes of the graph as possible. Instead, we show that (the DAGs underlying) the following iMHFs are far from this bound: Rig.v2, TwoCats and Gambit each having an exponent no more than 1.75. Moreover, we show that the complexity of the iMHF modes of the PHC finalists Pomelo and Lyra2 have exponents at most 1.83 and 1.67 respectively. To show this we investigate a combinatorial property of each underlying DAG (called its depth-robustness. By establishing upper bounds on this property we are then able to apply the general technique of [Alwen-Block'16] for analyzing the hardware costs of an iMHF

Development of a Well-Characterized Rhesus Macaque Model of Ebola Virus Disease for Support of Product Development

Ebola virus (EBOV) is a negative-sense RNA virus that can infect humans and nonhuman primates with severe health consequences. Development of countermeasures requires a thorough understanding of the interaction between host and pathogen, and the course of disease. The goal of this study was to further characterize EBOV disease in a uniformly lethal rhesus macaque model, in order to support development of a well-characterized model following rigorous quality standards. Rhesus macaques were intramuscularly exposed to EBOV and one group was euthanized at predetermined time points to characterize progression of disease. A second group was not scheduled for euthanasia in order to analyze survival, changes in physiology, clinical pathology, terminal pathology, and telemetry kinetics. On day 3, sporadic viremia was observed and pathological evidence was noted in lymph nodes. By day 5, viremia was detected in all EBOV exposed animals and pathological evidence was noted in the liver, spleen, and gastrointestinal tissues. These data support the notion that EBOV infection in rhesus macaques is a rapid systemic disease similar to infection in humans, under a compressed time scale. Biomarkers that correlated with disease progression at the earliest stages of infection were observed thereby identifying potential “trigger-to-treat” for use in therapeutic studies

Discovery of a Protective <i>Rickettsia prowazekii</i> Antigen Recognized by CD8⁺ T Cells, RP884, Using an <i>In Vivo</i> Screening Platform

<div><p><i>Rickettsia prowazekii</i> has been tested for biological warfare due to the high mortality that it produces after aerosol transmission of very low numbers of rickettsiae. Epidemic typhus, the infection caused by these obligately intracellular bacteria, continues to be a threat because it is difficult to diagnose due to initial non-specific symptoms and the lack of commercial diagnostic tests that are sensitive and specific during the initial clinical presentation. A vaccine to prevent epidemic typhus would constitute an effective deterrent to the weaponization of <i>R. prowazekii</i>; however, an effective and safe vaccine is not currently available. Due to the cytoplasmic niche of <i>Rickettsia</i>, CD8⁺ T-cells are critical effectors of immunity; however, the identification of antigens recognized by these cells has not been systematically addressed. To help close this gap, we designed an antigen discovery strategy that uses cell-based vaccination with antigen presenting cells expressing microbe's proteins targeted to the MHC class I presentation pathway. We report the use of this method to discover a protective T-cell rickettsial antigen, RP884, among a test subset of rickettsial proteins.</p></div

<i>In vivo</i> identification of rickettsial antigens.

<p>A) Thirty-six APC lines expressing high levels of individual <i>R. prowazekii</i> proteins were randomly combined into 8 pools. Eight groups of mice (4 mice per group) were immunized with pools of APCs expressing 4 or 5 different <i>R. prowazekii</i> proteins (see <a href="http://www.plosone.org/article/info:doi/10.1371/journal.pone.0076253#pone.0076253.s006" target="_blank">table S1</a>) by inoculating 2×10⁵ APCs i.v. As a control, one group of mice was immunized with APCs expressing a gene from <i>A. thaliana</i>. We also included a group without any manipulation (blank control). Fifteen days after immunization, all mice were challenged with 3×LD₅₀<i>R. typhi</i>. At day 7 post-infection, all animals were terminated, and rickettsial load in liver and lungs (not shown) was determined using quantitative real-time PCR targeting the rickettsial gene <i>gltA</i> and the mouse gene <i>ldhal6b</i>. We identified one group of mice with a significantly lower load of <i>Rickettsia</i>. B) This group was deconvoluted by immunizing mice with the individual constructs following a similar strategy as the one above. We found one protective rickettsial protein in this group, RP884.</p

Characteristics of new eukaryotic expression vector.

<p>A) Diagram of plasmid components. B) Comparison of the same rickettsial proteins expressed as fusion proteins with GFP (pDEST47) or with our new vector, pDEST-M1. Note the visual difference between signal and background.</p