
    Trustee: Full Privacy Preserving Vickrey Auction on top of Ethereum

    The wide deployment of tokens for digital assets on top of Ethereum implies the need for powerful trading platforms. Vickrey auctions are known to elicit the real market price of an item, since bidders are motivated to submit their own monetary valuations without leaking them to competitors. Recent constructions have utilized cryptographic protocols such as ZKP and MPC; however, these approaches are either only partially privacy-preserving or require complex computations over several rounds. In this paper, we overcome these limits by presenting Trustee, a Vickrey auction on Ethereum that fully preserves bid privacy at much lower fees. Trustee consists of three components: a front-end smart contract deployed on Ethereum, an Intel SGX enclave, and a relay that redirects messages between them. Initially, the enclave generates an Ethereum account and an ECDH key pair. Subsequently, the relay publishes the account's address and the ECDH public key on the smart contract. As a prerequisite, bidders are encouraged to verify the authenticity and security of Trustee using the SGX remote attestation service. To participate in the auction, bidders use the ECDH public key to encrypt their bids and submit them to the smart contract. Once the bidding interval is closed, the relay retrieves the encrypted bids and feeds them to the enclave, which autonomously generates a signed transaction indicating the auction winner. Finally, the relay submits the transaction to the smart contract, which verifies the transaction's authenticity and the parameters' consistency before accepting the claimed auction winner. As part of our contributions, we have made a prototype of Trustee available on GitHub for the community to review and inspect.
    Additionally, we analyze the security features of Trustee and report the gas cost of the transactions incurred on the Trustee smart contract. Comment: Presented at Financial Cryptography and Data Security 2019, 3rd Workshop on Trusted Smart Contract

    Security considerations for Galois non-dual RLWE families

    We explore further the hardness of the non-dual discrete variant of the Ring-LWE problem for various number rings, give improved attacks for certain rings satisfying some additional assumptions, construct a new family of vulnerable Galois number fields, and apply some number-theoretic results on Gauss sums to deduce the likely failure of these attacks for 2-power cyclotomic rings and unramified moduli.

    Depth optimized efficient homomorphic sorting

    We introduce a sorting scheme which is capable of efficiently sorting encrypted data without the secret key. The technique is obtained by focusing on the multiplicative depth of the sorting circuit alongside the more traditional metrics such as number of comparisons and number of iterations. The reduced depth allows much reduced noise growth and thereby makes it possible to select smaller parameter sizes in somewhat homomorphic encryption instantiations, resulting in greater efficiency savings. We first consider a number of well-known comparison-based sorting algorithms as well as some sorting networks, and analyze their circuit implementations with respect to multiplicative depth. We then introduce a new ranking-based sorting scheme and rigorously analyze its multiplicative depth complexity as O(log(N) + log(l)), where N is the size of the array to be sorted and l is the bit size of the array elements. Finally, we simulate our sorting scheme using a leveled/batched instantiation of a SWHE library. Our sorting scheme compares favorably with the analyzed classical sorting algorithms.

    Poly(trimethylene carbonate) and biphasic calcium phosphate composites for orbital floor reconstruction: A feasibility study in sheep

    In the treatment of orbital floor fractures, bone is ideally regenerated. The materials currently used for orbital floor reconstruction do not lead to the regeneration of bone. Our objective was to render polymeric materials based on poly(trimethylene carbonate) (PTMC) osteoinductive, and to evaluate their suitability for use in orbital floor reconstruction. For this purpose, osteoinductive biphasic calcium phosphate (BCP) particles were introduced into a polymeric PTMC matrix. Composite sheets containing 50 wt% BCP particles were prepared. Laminates with poly(D,L-lactide) (PDLLA) were also prepared by compression moulding PDLLA films onto the composite sheets. After sterilisation by gamma irradiation, the sheets were used to reconstruct surgically-created orbital floor defects in sheep. The bone-inducing potential of the different implants was assessed upon intramuscular implantation. The performance of the implants in orbital floor reconstruction was assessed by cone beam computed tomography (CBCT). Histological evaluation revealed that in the orbital and intramuscular implantations of BCP-containing specimens, bone formation could be seen after 3 and 9 months. Analysis of the CBCT scans showed that the composite PTMC sheets and the laminated composite sheets performed well in orbital floor reconstruction. It is concluded that PTMC/BCP composites and PTMC/BCP composites laminated with PDLLA have osteoinductive properties and seem suitable for use in orbital floor reconstruction.

    Expression of the RNA helicase DDX3 and the hypoxia response in breast cancer

    Aims: DDX3 is an RNA helicase that has antiapoptotic properties, and promotes proliferation and transformation. In addition, DDX3 was shown to be a direct downstream target of HIF-1α (the master regulator of the hypoxia response) in breast cancer cell lines. However, the relation between DDX3 and hypoxia has not been addressed in human tumors. In this paper, we studied the relation between DDX3 and the hypoxia-responsive proteins in human breast cancer.
    Methods and Results: DDX3 expression was investigated by immunohistochemistry in breast cancer in comparison with the hypoxia-related proteins HIF-1α, GLUT1, CAIX, EGFR, HER2, Akt1, FOXO4, p53, ERα, COMMD1, FER kinase, PIN1, E-cadherin, p21, p27, transferrin receptor, FOXO3A, c-Met and Notch1. DDX3 was overexpressed in 127 of 366 breast cancer patients, and was correlated with overexpression of HIF-1α and its downstream genes CAIX and GLUT1. Moreover, DDX3 expression correlated with the hypoxia-related proteins EGFR, HER2, FOXO4, ERα and c-Met in a HIF-1α-dependent fashion, and with COMMD1, FER kinase, Akt1, E-cadherin, TfR and FOXO3A independently of HIF-1α.
    Conclusions: In invasive breast cancer, expression of DDX3 was correlated with overexpression of HIF-1α and many other hypoxia-related proteins, pointing to a distinct role for DDX3 under hypoxic conditions and supporting the oncogenic role of DDX3, which could have clinical implications for the current development of DDX3 inhibitors.

    Mathematical modeling of the metastatic process

    Mathematical modeling in cancer has been growing in popularity and impact since its inception in 1932. The first theoretical mathematical modeling in cancer research was focused on understanding tumor growth laws and has grown to include the competition between healthy and normal tissue, carcinogenesis, therapy and metastasis. It is the latter topic, metastasis, on which we focus this short review, specifically discussing various computational and mathematical models of different portions of the metastatic process, including: the emergence of the metastatic phenotype, the timing and size distribution of metastases, the factors that influence the dormancy of micrometastases, and patterns of spread from a given primary tumor. Comment: 24 pages, 6 figures, Review

    A Family of Lightweight Twisted Edwards Curves for the Internet of Things

    We introduce a set of four twisted Edwards curves that satisfy common security requirements and allow for fast implementations of scalar multiplication on 8, 16, and 32-bit processors. Our curves are defined by an equation of the form -x^2 + y^2 = 1 + dx^2y^2 over a prime field Fp, where d is a small non-square modulo p. The underlying prime fields are based on "pseudo-Mersenne" primes given by p = 2^k - c and have in common that p is congruent to 5 modulo 8, k is a multiple of 32 minus 1, and c is at most eight bits long. Due to these common features, our primes facilitate a parameterized implementation of the low-level arithmetic so that one and the same arithmetic function is able to process operands of different length. Each of the twisted Edwards curves we introduce in this paper is birationally equivalent to a Montgomery curve of the form -(A+2)y^2 = x^3 + Ax^2 + x where 4/(A+2) is small. Even though this contrasts with the usual practice of choosing A such that (A+2)/4 is small, we show that the Montgomery form of our curves allows for an equally efficient implementation of point doubling as Curve25519. The four curves we put forward roughly match the common security levels of 80, 96, 112 and 128 bits. In addition, their Weierstraß representations are isomorphic to curves of the form y^2 = x^3 - 3x + b so as to facilitate inter-operability with TinyECC and other legacy software.
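To make the "one arithmetic function for operands of different length" claim concrete, here is an added Go example (not the paper's code) of multiplication modulo p = 2^k - c with k = 32n - 1, where the limb count n and the small constant c are the only parameters, together with the search for c that the stated congruences leave open: c ≡ 3 (mod 8) is exactly what makes p ≡ 5 (mod 8). The limb size, the fold-twice-then-subtract reduction, and the use of n = 5..8 (159-, 191-, 223- and 255-bit primes, the sizes one would pair with the 80..128-bit levels) are this example's assumptions; the paper's actual curve and prime parameters are not reproduced here, and only 2^255 - 19 is asserted to be prime.

```go
package main

import (
	"encoding/binary"
	"math/big"
)

// Field is GF(p) for p = 2^k - c with k = 32n - 1 and c < 256, the prime shape the
// four curves share. Elements are n little-endian 32-bit limbs, fully reduced.
// Nothing below is specialised to one n, so one Mul serves every operand length.
type Field struct {
	n  int
	c  uint64
	P  *big.Int
	pl []uint32 // limbs of p: (2^32 - c, 0xffffffff, ..., 0x7fffffff)
}

// NewField requires n >= 2 and does not check primality (see Candidate).
func NewField(n int, c uint64) *Field {
	p := new(big.Int).Lsh(big.NewInt(1), uint(32*n-1))
	p.Sub(p, new(big.Int).SetUint64(c))
	f := &Field{n: n, c: c, P: p}
	f.pl = f.limbs(p)
	return f
}

// Candidate returns the smallest c < 256 with c ≡ 3 (mod 8), which forces
// p = 2^(32n-1) - c ≡ 5 (mod 8), such that p passes a probable-prime test.
func Candidate(n int) (uint64, bool) {
	for c := uint64(3); c < 256; c += 8 {
		if NewField(n, c).P.ProbablyPrime(32) {
			return c, true
		}
	}
	return 0, false
}

// Mul returns a*b mod p.
func (f *Field) Mul(a, b []uint32) []uint32 {
	n := f.n
	t := make([]uint64, 2*n) // schoolbook product, one 32-bit limb per slot
	for i := 0; i < n; i++ {
		var carry uint64
		for j := 0; j < n; j++ {
			v := uint64(a[i])*uint64(b[j]) + t[i+j] + carry
			t[i+j], carry = v&0xffffffff, v>>32
		}
		t[i+n] = carry
	}
	// Fold: 2^(32n) = 2*2^k ≡ 2c (mod p), so the high half times 2c is added to
	// the low half; the overflow limb is at most 10 bits and is folded the same way.
	for {
		var carry uint64
		for i := 0; i < n; i++ {
			v := t[i] + 2*f.c*t[n+i] + carry
			t[i], t[n+i], carry = v&0xffffffff, 0, v>>32
		}
		if carry == 0 {
			break
		}
		t[n] = carry
	}
	// Now t < 2^(32n) = 2p + 2c < 3p: subtract p while it does not borrow.
	for {
		s, borrow := make([]uint64, n), uint64(0)
		for i := 0; i < n; i++ {
			v := t[i] - uint64(f.pl[i]) - borrow
			s[i], borrow = v&0xffffffff, v>>63
		}
		if borrow != 0 {
			break
		}
		copy(t, s)
	}
	out := make([]uint32, n)
	for i := range out {
		out[i] = uint32(t[i])
	}
	return out
}

// limbs packs 0 <= x < 2^(32n) into limbs; FromBig reduces first, ToBig unpacks.
func (f *Field) limbs(x *big.Int) []uint32 {
	buf := x.FillBytes(make([]byte, 4*f.n)) // big-endian, zero-padded
	out := make([]uint32, f.n)
	for i := range out {
		out[i] = binary.BigEndian.Uint32(buf[4*(f.n-1-i):])
	}
	return out
}

func (f *Field) FromBig(x *big.Int) []uint32 { return f.limbs(new(big.Int).Mod(x, f.P)) }

func (f *Field) ToBig(a []uint32) *big.Int {
	buf := make([]byte, 4*f.n)
	for i, limb := range a {
		binary.BigEndian.PutUint32(buf[4*(f.n-1-i):], limb)
	}
	return new(big.Int).SetBytes(buf)
}
```

The reduction relies only on the three shared features: the top bit of the top limb is free because k = 32n - 1, so the whole high half reduces with one multiplication by 2c; c fits in a byte, so the overflow after the first fold is tiny; and the loop bounds come from n alone. This code is a correctness model, not a constant-time one: the final subtraction loop and the fold loop have data-dependent trip counts that a deployed implementation would replace with a fixed number of conditional subtractions.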

    Quantum resource estimates for computing elliptic curve discrete logarithms

    We give precise quantum resource estimates for Shor's algorithm to compute discrete logarithms on elliptic curves over prime fields. The estimates are derived from a simulation of a Toffoli gate network for controlled elliptic curve point addition, implemented within the framework of the quantum computing software tool suite LIQUi|⟩. We determine circuit implementations for reversible modular arithmetic, including modular addition, multiplication and inversion, as well as reversible elliptic curve point addition. We conclude that elliptic curve discrete logarithms on an elliptic curve defined over an n-bit prime field can be computed on a quantum computer with at most 9n + 2⌈log2(n)⌉ + 10 qubits using a quantum circuit of at most 448 n^3 log2(n) + 4090 n^3 Toffoli gates. We are able to classically simulate the Toffoli networks corresponding to the controlled elliptic curve point addition as the core piece of Shor's algorithm for the NIST standard curves P-192, P-224, P-256, P-384 and P-521. Our approach allows gate-level comparisons to recent resource estimates for Shor's factoring algorithm. The results also support estimates given earlier by Proos and Zalka and indicate that, for current parameters at comparable classical security levels, the number of qubits required to tackle elliptic curves is less than for attacking RSA, suggesting that indeed ECC is an easier target than RSA. Comment: 24 pages, 2 tables, 11 figures. v2: typos fixed and reference added. ASIACRYPT 201

    Fast polynomial inversion for post quantum QC-MDPC cryptography

    The NIST PQC standardization project evaluates multiple new designs for post-quantum Key Encapsulation Mechanisms (KEMs). Some of them present challenging tradeoffs between communication bandwidth and computational overheads. An interesting case is the set of QC-MDPC based KEMs. Here, schemes that use the Niederreiter framework require only half the communication bandwidth compared to schemes that use the McEliece framework. However, this requires a costly polynomial inversion during key generation, which is prohibitive when ephemeral keys are used. One example is BIKE, where the BIKE-1 variant uses McEliece and the BIKE-2 variant uses Niederreiter. This paper shows an optimized constant-time polynomial inversion method that makes the computational cost of BIKE-2 key generation tolerable. We report a speedup of 11.8x over the commonly used NTL library, and 55.5x over OpenSSL. We achieve additional speedups by leveraging Intel's latest Vector-PCLMULQDQ instructions on a laptop machine: 14.3x over NTL and 96.8x over OpenSSL. With this, BIKE-2 becomes a competitive variant of BIKE.
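The key-generation step at issue, as an added Go example rather than the paper's optimized code: the inverse of a polynomial h in GF(2)[x]/(x^r - 1) obtained as h^(2^(r-1) - 2) through an Itoh-Tsujii addition chain, in which every k-fold squaring is a single bit permutation because squaring is linear in characteristic 2. The chain of squarings and multiplications depends only on the public r, never on h, which is the structural property a constant-time inversion needs; math/big itself is not constant-time, and the bit-serial multiplication is far slower than the vectorized carry-less multiplies the paper measures. The small values of r and the sample polynomials are constructed inputs for this example.

```go
package main

import (
	"fmt"
	"math/big"
	"math/bits"
)

// Elements of R = GF(2)[x]/(x^r - 1) are *big.Int values with bit i holding the
// coefficient of x^i, so every element fits in r bits.

// rotl multiplies by x^s in R: x^j -> x^((j+s) mod r), a cyclic shift of r bits.
func rotl(a *big.Int, s, r int) *big.Int {
	s %= r
	mask := new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), uint(r)), big.NewInt(1))
	lo := new(big.Int).And(new(big.Int).Lsh(a, uint(s)), mask)
	return lo.Or(lo, new(big.Int).Rsh(a, uint(r-s)))
}

// mul is carry-less schoolbook multiplication reduced modulo x^r - 1.
func mul(a, b *big.Int, r int) *big.Int {
	acc := new(big.Int)
	for i := 0; i < r; i++ {
		if a.Bit(i) == 1 {
			acc.Xor(acc, rotl(b, i, r))
		}
	}
	return acc
}

// sqrK computes a^(2^k). Squaring is linear in characteristic 2, so a k-fold
// squaring is the single bit permutation x^j -> x^(j*2^k mod r), whatever k is.
func sqrK(a *big.Int, k, r int) *big.Int {
	s := 1 // 2^k mod r
	for i := 0; i < k; i++ {
		s = 2 * s % r
	}
	out := new(big.Int)
	for j := 0; j < r; j++ {
		if a.Bit(j) == 1 {
			out.SetBit(out, j*s%r, 1)
		}
	}
	return out
}

// Inverse returns h^(2^(r-1) - 2), which is h^-1 in R whenever h is a unit and
// every irreducible factor of x^r - 1 has degree dividing r - 1 (true for prime r;
// BIKE's r are prime and its key polynomials have odd weight, hence are units).
// The exponent is reached through an Itoh-Tsujii chain on r - 2: the sequence
// of k-fold squarings and multiplications depends only on r, never on h.
func Inverse(h *big.Int, r int) *big.Int {
	e := r - 2
	f := new(big.Int).Set(h) // invariant: f = h^(2^cur - 1)
	cur := 1
	for i := bits.Len(uint(e)) - 2; i >= 0; i-- {
		f = mul(sqrK(f, cur, r), f, r) // -> h^(2^(2*cur) - 1)
		cur *= 2
		if (e>>i)&1 == 1 {
			f = mul(sqrK(f, 1, r), h, r) // -> h^(2^(cur+1) - 1)
			cur++
		}
	}
	return sqrK(f, 1, r) // (h^(2^(r-2) - 1))^2 = h^(2^(r-1) - 2)
}

// Poly builds the polynomial with the given exponents set (constructed inputs).
func Poly(exps ...int) *big.Int {
	h := new(big.Int)
	for _, e := range exps {
		h.SetBit(h, e, 1)
	}
	return h
}

// CheckInverse reports whether h * Inverse(h) == 1 in R.
func CheckInverse(h *big.Int, r int) bool {
	return mul(h, Inverse(h, r), r).Cmp(big.NewInt(1)) == 0
}

func main() {
	// r = 61 is prime with 2 a primitive root, the same shape BIKE uses at scale.
	h := Poly(17, 5, 0) // odd weight, so a unit
	fmt.Println("h * h^-1 == 1 for r = 61:", CheckInverse(h, 61))
}
```

An even-weight h has h(1) = 0, so it is a zero divisor rather than a unit and the exponentiation returns something whose product with h is not 1; CheckInverse exposes that case, which is why the weight of the secret polynomials is fixed to be odd in the first place.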