Frequency-revealing attacks against Frequency-hiding Order-preserving Encryption

Order-preserving encryption (OPE) allows efficient comparison operations over encrypted data and thus is popular in encrypted databases. However, most existing OPE schemes are vulnerable to inference attacks as they leak plaintext frequency. To this end, some frequency-hiding order-preserving encryption (FH-OPE) schemes are proposed and claim to prevent the leakage of frequency. FH-OPE schemes are considered an important step towards mitigating inference attacks. Unfortunately, there are still vulnerabilities in all existing FH-OPE schemes. In this work, we revisit the security of all existing FH-OPE schemes. We are the first to demonstrate that plaintext frequency hidden by them is recoverable. We present three ciphertext-only attacks named frequency-revealing attacks to recover plaintext frequency. We evaluate our attacks in three real-world datasets. They recover over 90% of plaintext frequency hidden by any existing FH-OPE scheme. With frequency revealed, we also show the potentiality to apply inference attacks on existing FH-OPE schemes. Our findings highlight the limitations of current FH-OPE schemes. Our attacks demonstrate that achieving frequency-hiding requires addressing the leakages of both non-uniform ciphertext distribution and insertion orders of ciphertexts, even though the leakage of insertion orders is always ignored in OPE

Heritable Targeted Inactivation of Myostatin Gene in Yellow Catfish (Pelteobagrus fulvidraco) Using Engineered Zinc Finger Nucleases

Yellow catfish (Pelteobagrus fulvidraco) is one of the most important freshwater aquaculture species in China. However, its small size and lower meat yield limit its edible value. Myostatin (MSTN) is a negative regulator of mammalian muscle growth. But, the function of Mstn in fish remains elusive. To explore roles of mstn gene in fish growth and create a strain of yellow catfish with high amount of muscle mass, we performed targeted disruption of mstn in yellow catfish using engineered zinc-finger nucleases (ZFNs). Employing zebrafish embryos as a screening system to identify ZFN activity, we obtained one pair of ZFNs that can edit mstn in yellow catfish genome. Using the ZFNs, we successfully obtained two founders (Founder July29-7 and Founder July29-8) carrying mutated mstn gene in their germ cells. The mutated mstn allele inherited from Founder July29-7 was a null allele (mstnnju6) containing a 4 bp insertion, predicted to encode function null Mstn. The mutated mstn inherited from Founder July29-8 was a complex type of mutation (mstnnju7), predicted to encode a protein lacking two amino acids in the N-terminal secretory signal of Mstn. Totally, we obtained 6 mstnnju6/+ and 14 mstnnju7/+ yellow catfish. To our best knowledge, this is the first endogenous gene knockout in aquaculture fish. Our result will help in understanding the roles of mstn gene in fish

Draft genome sequence of the Tibetan antelope

The Tibetan antelope (Pantholops hodgsonii) is endemic to the extremely inhospitable high-altitude environment of the Qinghai-Tibetan Plateau, a region that has a low partial pressure of oxygen and high ultraviolet radiation. Here we generate a draft genome of this artiodactyl and use it to detect the potential genetic bases of highland adaptation. Compared with other plain-dwelling mammals, the genome of the Tibetan antelope shows signals of adaptive evolution and gene-family expansion in genes associated with energy metabolism and oxygen transmission. Both the highland American pika, and the Tibetan antelope have signals of positive selection for genes involved in DNA repair and the production of ATPase. Genes associated with hypoxia seem to have experienced convergent evolution. Thus, our study suggests that common genetic mechanisms might have been utilized to enable high-altitude adaptation

Durvalumab Plus Carboplatin/Paclitaxel Followed by Maintenance Durvalumab With or Without Olaparib as First-Line Treatment for Advanced Endometrial Cancer: The Phase III DUO-E Trial

PURPOSE Immunotherapy and chemotherapy combinations have shown activity in endometrial cancer, with greater benefit in mismatch repair (MMR)-deficient (dMMR) than MMR-proficient (pMMR) disease. Adding a poly(ADP-ribose) polymerase inhibitor may improve outcomes, especially in pMMR disease. METHODS This phase III, global, double-blind, placebo-controlled trial randomly assigned eligible patients with newly diagnosed advanced or recurrent endometrial cancer 1:1:1 to: carboplatin/paclitaxel plus durvalumab placebo followed by placebo maintenance (control arm); carboplatin/paclitaxel plus durvalumab followed by maintenance durvalumab plus olaparib placebo (durvalumab arm); or carboplatin/paclitaxel plus durvalumab followed by maintenance durvalumab plus olaparib (durvalumab + olaparib arm). The primary end points were progression-free survival (PFS) in the durvalumab arm versus control and the durvalumab + olaparib arm versus control. RESULTS Seven hundred eighteen patients were randomly assigned. In the intention-to-treat population, statistically significant PFS benefit was observed in the durvalumab (hazard ratio [HR], 0.71 [95% CI, 0.57 to 0.89]; P = .003) and durvalumab + olaparib arms (HR, 0.55 [95% CI, 0.43 to 0.69]; P < .0001) versus control. Prespecified, exploratory subgroup analyses showed PFS benefit in dMMR (HR [durvalumab v control], 0.42 [95% CI, 0.22 to 0.80]; HR [durvalumab + olaparib v control], 0.41 [95% CI, 0.21 to 0.75]) and pMMR subgroups (HR [durvalumab v control], 0.77 [95% CI, 0.60 to 0.97]; HR [durvalumab + olaparib v control] 0.57; [95% CI, 0.44 to 0.73]); and in PD-L1-positive subgroups (HR [durvalumab v control], 0.63 [95% CI, 0.48 to 0.83]; HR [durvalumab + olaparib v control], 0.42 [95% CI, 0.31 to 0.57]). Interim overall survival results (maturity approximately 28%) were supportive of the primary outcomes (durvalumab v control: HR, 0.77 [95% CI, 0.56 to 1.07]; P = .120; durvalumab + olaparib v control: HR, 0.59 [95% CI, 0.42 to 0.83]; P = .003). The safety profiles of the experimental arms were generally consistent with individual agents. CONCLUSION Carboplatin/paclitaxel plus durvalumab followed by maintenance durvalumab with or without olaparib demonstrated a statistically significant and clinically meaningful PFS benefit in patients with advanced or recurrent endometrial cancer

Attribute-based fine-grained access control with efficient revocation in cloud storage systems

A cloud storage service allows data owner to outsource their data to the cloud and through which provide the data access to the users. Because the cloud server and the data owner are not in the same trust domain, the semi-trusted cloud server cannot be relied to enforce the access policy. To address this challenge, traditional methods usually require the data owner to encrypt the data and deliver decryption keys to authorized users. These methods, however, normally involve complicated key management and high overhead on data owner. In this paper, we design an access control framework for cloud storage systems that achieves fine-grained access control based on an adapted Ciphertext-Policy Attribute-based Encryption (CP-ABE) approach. In the proposed scheme, an efficient attribute revocation method is proposed to cope with the dynamic changes of users\u27 access privileges in large-scale systems. The analysis shows that the proposed access control scheme is provably secure in the random oracle model and efficient to be applied into practice. © 2013 ACM

Secure and Verifiable Policy Update Outsourcing for Big Data Access Control in the Cloud

Due to the high volume and velocity of big data, it is an effective option to store big data in the cloud, as the cloud has capabilities of storing big data and processing high volume of user access requests. Attribute-based encryption (ABE) is a promising technique to ensure the end-To-end security of big data in the cloud. However, the policy updating has always been a challenging issue when ABE is used to construct access control schemes. A trivial implementation is to let data owners retrieve the data and re-encrypt it under the new access policy, and then send it back to the cloud. This method, however, incurs a high communication overhead and heavy computation burden on data owners. In this paper, we propose a novel scheme that enabling efficient access control with dynamic policy updating for big data in the cloud. We focus on developing an outsourced policy updating method for ABE systems. Our method can avoid the transmission of encrypted data and minimize the computation work of data owners, by making use of the previously encrypted data with old access policies. Moreover, we also propose policy updating algorithms for different types of access policies. Finally, we propose an efficient and secure method that allows data owner to check whether the cloud server has updated the ciphertexts correctly. The analysis shows that our policy updating outsourcing scheme is correct, complete, secure and efficient

Enabling efficient access control with dynamic policy updating for big data in the cloud

Due to the high volume and velocity of big data, it is an effective option to store big data in the cloud, because the cloud has capabilities of storing big data and processing high volume of user access requests. Attribute-Based Encryption (ABE) is a promising technique to ensure the end-to-end security of big data in the cloud. However, the policy updating has always been a challenging issue when ABE is used to construct access control schemes. A trivial implementation is to let data owners retrieve the data and re-encrypt it under the new access policy, and then send it back to the cloud. This method incurs a high communication overhead and heavy computation burden on data owners. In this paper, we propose a novel scheme that enabling efficient access control with dynamic policy updating for big data in the cloud. We focus on developing an outsourced policy updating method for ABE systems. Our method can avoid the transmission of encrypted data and minimize the computation work of data owners, by making use of the previously encrypted data with old access policies. Moreover, we also design policy updating algorithms for different types of access policies. The analysis show that our scheme is correct, complete, secure and efficient. © 2014 IEEE