Stronger security notions for decentralized traceable attribute-based signatures and more efficient constructions

We revisit the notion of Decentralized Traceable Attribute-Based Signatures (DTABS) introduced by El Kaafarani et al. (CT-RSA 2014) and improve the state-of-the-art in three dimensions: Firstly, we provide a new stronger security model which circumvents some shortcomings in existing models. Our model minimizes the trust placed in attribute authorities and hence provides, among other things, a stronger definition for non-frameability. In addition, our model captures the notion of tracing soundness which is important for many applications of the primitive. Secondly, we provide a generic construction that is secure w.r.t. our strong security model and show two example instantiations in the standard model which are more efficient than existing constructions (secure under weaker security definitions). Finally, we dispense with the need for the expensive zero-knowledge proofs required for proving tracing correctness by the tracing authority. As a result, tracing a signature in our constructions is significantly more efficient than existing constructions, both in terms of the size of the tracing proof and the computational cost required to generate and verify it. For instance, verifying tracing correctness in our constructions requires only 4 pairings compared to 34 pairings in the most efficient existing construction

Who died as a result of the tsunami? – Risk factors of mortality among internally displaced persons in Sri Lanka: a retrospective cohort analysis

BACKGROUND: Describing adverse health effects and identifying vulnerable populations during and after a disaster are important aspects of any disaster relief operation. This study aimed to describe the mortality and related risk factors which affected the displaced population over a period of two and a half months after the 2004 Indian Ocean tsunami in an eastern coastal district of Sri Lanka. METHODS: A cross-sectional household survey was conducted in 13 evacuation camps for internally displaced persons (IDP). Information on all pre-tsunami family members was collected from householders, and all deaths which occurred during the recall period (77 to 80 days starting from the day of the tsunami) were recorded. The distribution of mortality and associated risk factors were analysed. Logistic regression modelling using the generalized estimating equations method was applied in multivariate analysis. RESULTS: Overall mortality rate out of 3,533 individuals from 859 households was 12.9% (446 deaths and 11 missing persons). The majority of the deaths occurred during and immediately after the disaster. A higher mortality was observed among females (17.5% vs. 8.2% for males, p < 0.001), children and the elderly (31.8%, 23.7% and 15.3% for children aged less than 5 years, children aged 5 to 9 years and adults over 50 years, respectively, compared with 7.4% for adults aged 20 to 29 years, p < 0.001). Other risk factors, such as being indoors at the time of the tsunami (13.8% vs. 5.9% outdoors, p < 0.001), the house destruction level (4.6%, 5.5% and 14.2% in increasing order of destruction, p < 0.001) and fishing as an occupation (15.4% vs. 11.2% for other occupations, p < 0.001) were also significantly associated with increased mortality. These correlations remained significant after adjusting for the confounding effects by multivariate analysis. CONCLUSION: A significantly high mortality was observed in women and children among the displaced population in the eastern coastal district of Sri Lanka who were examined by us. Reconstruction activities should take into consideration these changes in population structure

Non-Abelian discrete gauge symmetries in 4d string models

We study the realization of non-Abelian discrete gauge symmetries in 4d field theory and string theory compactifications. The underlying structure generalizes the Abelian case, and follows from the interplay between gaugings of non-Abelian isometries of the scalar manifold and field identifications making axion-like fields periodic. We present several classes of string constructions realizing non-Abelian discrete gauge symmetries. In particular, compactifications with torsion homology classes, where non-Abelianity arises microscopically from the Hanany-Witten effect, or compactifications with non-Abelian discrete isometry groups, like twisted tori. We finally focus on the more interesting case of magnetized branes in toroidal compactifications and quotients thereof (and their heterotic and intersecting duals), in which the non-Abelian discrete gauge symmetries imply powerful selection rules for Yukawa couplings of charged matter fields. In particular, in MSSM-like models they correspond to discrete flavour symmetries constraining the quark and lepton mass matrices, as we show in specific examples.Comment: 58 pages; minor typos corrected and references adde

Further Lower Bounds for Structure-Preserving Signatures in Asymmetric Bilinear Groups

Structure-Preserving Signatures (SPSs) are a useful tool for the design of modular cryptographic protocols. Recent series of works have shown that by limiting the message space of those schemes to the set of Diffie-Hellman (DH) pairs, it is possible to circumvent the known lower bounds in the Type-3 bilinear group setting thus obtaining the shortest signatures consisting of only 2 elements from the shorter source group. It has been shown that such a variant yields efficiency gains for some cryptographic constructions, including attribute-based signatures and direct anonymous attestation. Only the cases of signing a single DH pair or a DH pair and a vector from $\Z_p$ have been considered. Signing a vector of group elements is required for various applications of SPSs, especially if the aim is to forgo relying on heuristic assumptions. An open question is whether such an improved lower bound also applies to signing a vector of $\ell > 1$ messages. We answer this question negatively for schemes existentially unforgeable under an adaptive chosen-message attack (EUF-CMA) whereas we answer it positively for schemes existentially unforgeable under a random-message attack (EUF-RMA) and those which are existentially unforgeable under a combined chosen-random-message attack (EUF-CMA-RMA). The latter notion is a leeway between the two former notions where it allows the adversary to adaptively choose part of the message to be signed whereas the remaining part of the message is chosen uniformly at random by the signer. Another open question is whether strongly existentially unforgeable under an adaptive chosen-message attack (sEUF-CMA) schemes with 2-element signatures exist. We answer this question negatively, proving it is impossible to construct sEUF-CMA schemes with 2-element signatures even if the signature consists of elements from both source groups. On the other hand, we prove that sEUF-RMA and sEUF-CMA-RMA schemes with 2-element (unilateral) signatures are possible by giving constructions for those notions. Among other things, our findings show a gap between random-message/combined chosen-random-message security and chosen-message security in this setting

Enhanced Security of Attribute-Based Signatures

Despite the recent advances in attribute-based signatures (ABS), no schemes have yet been considered under a strong privacy definition. We enhance the security of ABS by presenting a strengthened simulation-based privacy definition and the first attribute-based signature functionality in the framework of universal composability (UC). Additionally, we show that the UC definition is equivalent to our strengthened experiment-based security definitions. To achieve this we rely on a general unforgeability and a simulation-based privacy definition that is stronger than standard indistinguishability-based privacy. Further, we show that two extant concrete ABS constructions satisfy this simulation-based privacy definition and are therefore UC secure. The two concrete constructions are the schemes by Sakai et al. (PKC\u2716) and by Maji et al. (CT-RSA\u2711). Additionally, we identify the common feature that allows these schemes to meet our privacy definition, giving us further insights into the security requirements of ABS

Mixed Mediation of Supersymmetry Breaking with Anomalous U(1) Gauge Symmetry

Models with anomalous U(1) gauge symmetry contain various superfields which can have nonzero supersymmetry breaking auxiliary components providing the origin of soft terms in the visible sector, e.g. the U(1) vector superfield, the modulus or dilaton superfield implementing the Green-Schwarz anomaly cancellation mechanism, U(1)-charged but standard model singlet matter superfield required to cancel the Fayet-Iliopoulos term, and finally the supergravity multiplet. We examine the relative strength between these supersymmetry breaking components in a simple class of models, and find that various different mixed mediations of supersymmetry breaking, involving the modulus, gauge, anomaly and D-term mediations, can be realized depending upon the characteristics of D-flat directions and how those D-flat directions are stabilized with a vanishing cosmological constant. We identify two parameters which represent such properties and thus characterize how the various mediations are mixed. We also discuss the moduli stabilization and soft terms in a variant of KKLT scenario, in which the visible sector K\"ahler modulus is stabilized by the D-term potential of anomalous U(1) gauge symmetry.Comment: 30 pages, 5 figure

Studies of the Decay B+- -> D_CP K+-

We report studies of the decay B+- -> D_CP K+-, where D_CP denotes neutral D mesons that decay to CP eigenstates. The analysis is based on a 29.1/fb data sample of collected at the \Upsilon(4S) resonance with the Belle detector at the KEKB asymmetric e+ e- storage ring. Ratios of branching fractions of Cabibbo-suppressed to Cabibbo-favored processes involving D_CP are determined to be B(B- -> D_1 K-)/B(B- -> D_1 pi-)=0.125 +- 0.036 +- 0.010 and B(B- -> D_2 K-)/B(B- -> D_2 pi-)=0.119 +- 0.028 +- 0.006, where indices 1 and 2 represent the CP=+1 and CP=-1 eigenstates of the D0 - anti D0 system, respectively. We also extract the partial rate asymmetries for B+- -> D_CP K+-, finding A_1 = 0.29 +- 0.26 +- 0.05 and A_2 = -0.22 +- 0.24 +- 0.04.Comment: 10 pages, 2 figures, submitted to Physical Review Letter

More Efficient Structure-Preserving Signatures - Or: Bypassing the Type-III Lower Bounds

Structure-preserving signatures are an important cryptographic primitive that is useful for the design of modular cryptographic protocols. It has been proven that structure-preserving signatures (in the most efficient Type-III bilinear group setting) have a lower bound of 3 group elements in the signature (which must include elements from both source groups) and require at least 2 pairing-product equations for verification. In this paper, we show that such lower bounds can be circumvented. In particular, we define the notion of Unilateral Structure-Preserving Signatures on Diffie-Hellman pairs (USPSDH) which are structure-preserving signatures in the efficient Type-III bilinear group setting with the message space being the set of Diffie-Hellman pairs, in the terminology of Abe et al. (Crypto 2010). The signatures in these schemes are elements of one of the source groups, i.e. unilateral, whereas the verification key elements\u27 are from the other source group. We construct a number of new structure-preserving signature schemes which bypass the Type-III lower bounds and hence they are much more efficient than all existing structure-preserving signature schemes. We also prove optimality of our constructions by proving lower bounds and giving some impossibility results. Our contribution can be summarized as follows: \begin{itemize} \item We construct two optimal randomizable CMA-secure schemes with signatures consisting of only 2 group elements from the first short source group and therefore our signatures are at least half the size of the best existing structure-preserving scheme for unilateral messages in the (most efficient) Type-III setting. Verifying signatures in our schemes requires, besides checking the well-formedness of the message, the evaluation of a single Pairing-Product Equation (PPE) and requires a fewer pairing evaluations than all existing structure-preserving signature schemes in the Type-III setting. Our first scheme has a feature that permits controlled randomizability (combined unforgeability) where the signer can restrict some messages such that signatures on those cannot be re-randomized which might be useful for some applications. \item We construct optimal strongly unforgeable CMA-secure one-time schemes with signatures consisting of 1 group element, and which can also sign a vector of messages while maintaining the same signature size. \item We give a one-time strongly unforgeable CMA-secure structure-preserving scheme that signs unilateral messages, i.e. messages in one of the source groups, whose efficiency matches the best existing optimal one-time scheme in every respect. \item We investigate some lower bounds and prove some impossibility results regarding this variant of structure-preserving signatures. \item We give an optimal (with signatures consisting of 2 group elements and verification requiring 1 pairing-product equation) fully randomizable CMA-secure partially structure-preserving scheme that simultaneously signs a Diffie-Hellman pair and a vector in $\Z^k_p$. \item As an example application of one of our schemes, we obtain efficient instantiations of randomizable weakly blind signatures which do not rely on random oracles. The latter is a building block that is used, for instance, in constructing Direct Anonymous Attestation (DAA) protocols, which are protocols deployed in practice. \end{itemize} Our results offer value along two fronts: On the practical side, our constructions are more efficient than existing ones and thus could lead to more efficient instantiations of many cryptographic protocols. On the theoretical side, our results serve as a proof that many of the lower bounds for the Type-III setting can be circumvented

Calcium Homeostasis in Myogenic Differentiation Factor 1 (MyoD)-Transformed, Virally-Transduced, Skin-Derived Equine Myotubes

Dysfunctional skeletal muscle calcium homeostasis plays a central role in the pathophysiology of several human and animal skeletal muscle disorders, in particular, genetic disorders associated with ryanodine receptor 1 (RYR1) mutations, such as malignant hyperthermia, central core disease, multiminicore disease and certain centronuclear myopathies. In addition, aberrant skeletal muscle calcium handling is believed to play a pivotal role in the highly prevalent disorder of Thoroughbred racehorses, known as Recurrent Exertional Rhabdomyolysis. Traditionally, such defects were studied in human and equine subjects by examining the contractile responses of biopsied muscle strips exposed to caffeine, a potent RYR1 agonist. However, this test is not widely available and, due to its invasive nature, is potentially less suitable for valuable animals in training or in the human paediatric setting. Furthermore, increasingly, RYR1 gene polymorphisms (of unknown pathogenicity and significance) are being identified through next generation sequencing projects. Consequently, we have investigated a less invasive test that can be used to study calcium homeostasis in cultured, skin-derived fibroblasts that are converted to the muscle lineage by viral transduction with a MyoD (myogenic differentiation 1) transgene. Similar models have been utilised to examine calcium homeostasis in human patient cells, however, to date, there has been no detailed assessment of the cells’ calcium homeostasis, and in particular, the responses to agonists and antagonists of RYR1. Here we describe experiments conducted to assess calcium handling of the cells and examine responses to treatment with dantrolene, a drug commonly used for prophylaxis of recurrent exertional rhabdomyolysis in horses and malignant hyperthermia in humans

Decaying Dark Matter in Supersymmetric Model and Cosmic-Ray Observations

We study cosmic-rays in decaying dark matter scenario, assuming that the dark matter is the lightest superparticle and it decays through a R-parity violating operator. We calculate the fluxes of cosmic-rays from the decay of the dark matter and those from the standard astrophysical phenomena in the same propagation model using the GALPROP package. We reevaluate the preferred parameters characterizing standard astrophysical cosmic-ray sources with taking account of the effects of dark matter decay. We show that, if energetic leptons are produced by the decay of the dark matter, the fluxes of cosmic-ray positron and electron can be in good agreements with both PAMELA and Fermi-LAT data in wide parameter region. It is also discussed that, in the case where sizable number of hadrons are also produced by the decay of the dark matter, the mass of the dark matter is constrained to be less than 200-300 GeV in order to avoid the overproduction of anti-proton. We also show that the cosmic gamma-ray flux can be consistent with the results of Fermi-LAT observation if the mass of the dark matter is smaller than nearly 4 TeV.Comment: 24 pages, 5 figure