Moving elements in list CRDTs

Conflict-free Replicated Data Types (CRDTs) for lists allow multiple users to concurrently insert and delete elements in a shared list object. However, existing algorithms behave poorly when users concurrently move list elements to a new position (i.e. reorder the elements in the list). We demonstrate the need for such a move operation, and describe an algorithm that extends a list CRDT with an explicit move operation. Our algorithm can be used in conjunction with any existing list CRDT algorithm. In addition to moving a single list element, we also discuss the open problem of moving ranges of elements.Leverhulme Trust Early Career Fellowship Isaac Newton Trus

The Art of the Fugue: Minimizing Interleaving in Collaborative Text Editing

Most existing algorithms for replicated lists, which are widely used in collaborative text editors, suffer from a problem: when two users concurrently insert text at the same position in the document, the merged outcome may interleave the inserted text passages, resulting in corrupted and potentially unreadable text. The problem has gone unnoticed for decades, and it affects both CRDTs and Operational Transformation. This paper defines maximal non-interleaving, our new correctness property for replicated lists. We introduce two related CRDT algorithms, Fugue and FugueMax, and prove that FugueMax satisfies maximal non-interleaving. We also implement our algorithms and demonstrate that Fugue offers performance comparable to state-of-the-art CRDT libraries for text editing.Comment: 16 pages, 10 figure

PushPin: Towards Production-Quality Peer-to-Peer Collaboration

Fully peer-to-peer application software promises many benefits over cloud software, in particular, being able to function indefinitely without requiring servers. Research on distributed consistency mechanisms such as CRDTs has laid the foundation for P2P data synchronisation and collaboration. In this paper we report on our experience in taking these technologies beyond research prototypes, and working towards commercial-grade P2P collaboration software. We identify approaches that work well in our experience, such as the functional reactive programming paradigm, and highlight areas in need of further research, such as the reliability of NAT traversal and usability challenges.Leverhulme Trust Early Career Fellowship Isaac Newton Trus

Pudding: Private User Discovery in Anonymity Networks

Anonymity networks allow messaging with metadata privacy, providing better privacy than popular encrypted messaging applications. However, contacting a user on an anonymity network currently requires knowing their public key or similar high-entropy information, as these systems lack a privacy-preserving mechanism for contacting a user via a short, human-readable username. Previous research suggests that this is a barrier to widespread adoption. In this paper we propose Pudding, a novel private user discovery protocol that allows a user to be contacted on an anonymity network knowing only their email address. Our protocol hides contact relationships between users, prevents impersonation, and conceals which usernames are registered on the network. Pudding is Byzantine fault tolerant, remaining available and secure as long as less than one third of servers are crashed, unavailable, or malicious. It can be deployed on Loopix and Nym without changes to the underlying anonymity network protocol, and it supports mobile devices with intermittent network connectivity. We demonstrate the practicality of Pudding with a prototype using the Nym anonymity network. We also formally define the security and privacy goals of our protocol and conduct a thorough analysis to assess its compliance with these definitions.Comment: Accepted at the IEEE Symposium on Security and Privacy (S&P) 202

Online Event Processing: Achieving Consistency Where Distributed Transactions Have Failed

Distributed transactions have failed as a mechanism for ensuring consistency across heterogeneous storage technologies in today's large-scale applications. Instead, we are witnessing the emergence of a programming model that relies on append-only event logs rather than transactions, and which we call OnLine Event Processing (OLEP) in contrast to OLTP. In this article we show that, although an event log is a very simple abstraction, applications that rely on such logs can efficiently provide strong consistency guarantees, such as atomicity and enforcing invariants, which are normally associated with ACID transactions. We provide case studies from real industrial data systems that have adopted the OLEP approach, demonstrating the practical advantages of building upon event logs.The Boeing Compan

Wie geht es weiter mit der statistischen Auswertung der Funkstörungen von Seriengeräten? Das Projekt EN 50715

Da eine 100%-Kontrolle der Funkentstörung von Geräten wegen des Zeitaufwandes nicht möglich ist, kann eine Bewertung der Konformität einer ganzen Serie nur mit Hilfe der Untersuchung einer begrenzten Stichprobe mittels statistischer Methoden erfolgen. Die Grundlagen dazu sind in CISPR TR 16-4-3 [1] zu finden. Schon in den ersten CISPR-Normen zur Funkentstörung wurde folgendes zur Signifikanz eines CISPR-Grenzwertes festgelegt: „Die Bedeutung der Grenzwerte bei typgeprüften Geräten muss sein, dass auf statistischer Grundlage bei seriengefertigten Geräten mindestens 80% der Geräte mit einer Sicherheit von mindestens 80% die Grenzwerte einhalten.“ Umgangssprachlich wird das als 80/80-Regel bezeichnet. Bei der Entwicklung der Grenzwerte wurde dies bereits berücksichtigt und die Grenzwerte entsprechend verschärft. In CISPR TR 16-4-3 und den Produktnormen zur Funkentstörung wie CISPR 11, CISPR 14.1 und CISPR 15 wurden von Anfang an folgende Methoden verwendet: • Prüfung auf der Basis der nichtzentralen t-Verteilung (allgemein 5 Geräte), • Prüfung auf der Basis der Binomial-Verteilung (mindestens 7 Geräte). Später wurde von den Autoren dieses Beitrags noch eine weitere Methode entwickelt und in die Normung aufgenommen, die in der Praxis besonders einfach anwendbar ist: • Prüfung auf der Basis eines allgemeinen Abstands zum Grenzwert (allgemein 5 Geräte). Alle 3 Methoden haben sich in der Praxis über viele Jahre bewährt

Key Agreement for Decentralized Secure Group Messaging with Strong Security Guarantees

Secure group messaging protocols, providing end-to-end encryption for group communication, need to handle mobile devices frequently being offline, group members being added or removed, and the possibility of device compromises during long-lived chat sessions. Existing work targets a centralized network model in which all messages are routed through a single server, which is trusted to provide a consistent total order on updates to the group state. In this paper we adapt secure group messaging for decentralized networks that have no central authority. Servers may still optionally be used, but they are trusted less. We define decentralized continuous group key agreement (DCGKA), a new cryptographic primitive encompassing the core of a decentralized secure group messaging protocol; we give a practical construction of a DCGKA protocol and prove its security; and we describe how to construct a full messaging protocol from DCGKA. In the face of device compromise our protocol achieves forward secrecy and post-compromise security. We evaluate the performance of a prototype implementation, and demonstrate that our protocol has practical efficiency

„Ich bin eine Märchenerzählerin. So wurde ich geboren.“

Ist Tonke Dragt die große Neuerin der europäischen Kinder- und Jugendliteratur? Diese sicherlich provokante Frage nimmt der Sammelband in den Fokus, der auf die Tagung „'Ich bin eine Märchenerzählerin. So wurde ich geboren'. Tonke Dragts Jugendromane – übersehene Klassiker?", die im September 2019 an der Universität Siegen in Kooperation mit Helma van Lierop-Debrauwer stattgefunden hat, zurückgeht