Towards a Type System for Security APIs

Abstract. Security API analysis typically only considers a subset of an API’s functions, with results bounded by the number of function calls. Furthermore, attacks involving partial leakage of sensitive information are usually not covered. Type-based static analysis has the potential to alleviate these shortcomings. To that end, we present a type system for secure information flow based upon the one of Volpano, Smith and Irvine [1], extended with types for cryptographic keys and ciphertext similar to those in Sumii and Pierce [2]. In contrast to some other type systems, the encryption and decryption of keys does not require special treatment. We show that a well-typed sequence of commands is non-interferent, based upon a definition of indistinguishability where, in certain circumstances, the adversary can distinguish between ciphertexts that correspond to encrypted public data.

Improved Building Blocks for Secure Multi-Party Computation based on Secret Sharing with Honest Majority

Secure multi-party computation permits evaluation of any desired functionality on private data without disclosing the data to the participants and is gaining its popularity due to increasing collection of user, customer, or patient data and the need to analyze data sets distributed across different organizations without disclosing them. Because adoption of secure computation techniques depends on their performance in practice, it is important to continue improving their performance. In this work, we focus on common non-trivial operations used by many types of programs, and any advances in their performance would impact the runtime of programs that rely on them. In particular, we treat the operation of reading or writing an element of an array at a private location and integer multiplication. The focus of this work is secret sharing setting with honest majority in the semi-honest security model. We demonstrate improvement of the proposed techniques over prior constructions via analytical and empirical evaluation

Efficacy of ceftazidime-avibactam in a rat intra-abdominal abscess model against a ceftazidime- and meropenem-resistant isolate of Klebsiella pneumoniae carrying blaKPC-2

Efficacies of ceftazidime-avibactam (4:1 w/w) and ceftazidime were tested against ceftazidime-susceptible (blaKPC-2-negative), and meropenem- and ceftazidime-resistant (blaKPC-2-positive), Klebsiella pneumoniae in a 52-h, multiple dose, abdominal abscess model in the rat. Efficacies corresponded to minimum inhibitory concentrations (MICs) measured in vitro and were consistent with drug exposures modelled from pharmacokinetics in infected animals. The ceftazidime, ceftazidime-avibactam and meropenem control treatments were effective in the rat abscess model against the susceptible strain, whereas only ceftazidime-avibactam was effective against K. pneumoniae harbouring blaKPC-2

Extended Ensemble Theory, Spontaneous Symmetry Breaking, and Phase Transitions

In this paper, we suppose a possible extension of Gibbs ensemble theory so that it can provide a reasonable description to phase transitions and spontaneous symmetry breaking. The extension is founded on three hypotheses, and can be regarded as a microscopic edition of the Landau phenomenological theory of phase transitions. Within its framework, the state of a system is determined by the evolution of order parameter with temperature according to such a principle that the entropy of the system will reach its minimum in this state. The evolution of order parameter can cause change in representation of the system Hamiltonian, different phases will realize different representations. Physically, it turns out that phase transition originates from the automatic interference among matter waves as temperature is cooled down. Typical quantum many-body systems are studied with this extended ensemble theory. In particular, the theory predicts that the specific heat Cp of liquid He II will vanish linearly as T tends to zero, which is anticipating experimental verifications.Comment: 41 pages, 8 figures, content change

Circular and leakage resilient public-key encryption under subgroup indistinguishability (or: Quadratic residuosity strikes back)

30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. ProceedingsThe main results of this work are new public-key encryption schemes that, under the quadratic residuosity (QR) assumption (or Paillier’s decisional composite residuosity (DCR) assumption), achieve key-dependent message security as well as high resilience to secret key leakage and high resilience to the presence of auxiliary input information. In particular, under what we call the subgroup indistinguishability assumption, of which the QR and DCR are special cases, we can construct a scheme that has: • Key-dependent message (circular) security. Achieves security even when encrypting affine functions of its own secret key (in fact, w.r.t. affine “key-cycles” of predefined length). Our scheme also meets the requirements for extending key-dependent message security to broader classes of functions beyond affine functions using previous techniques of Brakerski et al. or Barak et al. • Leakage resiliency. Remains secure even if any adversarial low-entropy (efficiently computable) function of the secret key is given to the adversary. A proper selection of parameters allows for a “leakage rate” of (1 − o(1)) of the length of the secret key. • Auxiliary-input security. Remains secure even if any sufficiently hard to invert (efficiently computable) function of the secret key is given to the adversary. Our scheme is the first to achieve key-dependent security and auxiliary-input security based on the DCR and QR assumptions. Previous schemes that achieved these properties relied either on the DDH or LWE assumptions. The proposed scheme is also the first to achieve leakage resiliency for leakage rate (1 − o(1)) of the secret key length, under the QR assumption. We note that leakage resilient schemes under the DCR and the QR assumptions, for the restricted case of composite modulus product of safe primes, were implied by the work of Naor and Segev, using hash proof systems. However, under the QR assumption, known constructions of hash proof systems only yield a leakage rate of o(1) of the secret key length.Microsoft Researc

ABSENCE OF ORGAN SPECIFIC TOXICITY IN RATS TREATED WITH TONICA, AN AQUEOUS HERBAL HAEMATINIC PREPARATION

The sub-chronic toxicity of Tonica, an aqueous herbal haematinic prepared from the stem barks of Khaya senegalensis, Mitragyna stipulosa and Kigelia africana, was investigated in male Sprague-Dawley rats at 28, 280 and 560 mg kg -1 day -1, representing the normal human dose, 10x and 20x that dose, respectively for 6 weeks. The growth rate of animals over the period of treatment and certain serum biochemical and haematological indices as well as urinalysis and weight of selected organs at termination, were determined. Results show that the extract did not affect the weight gain of the animals with time or the mean wet weights of selected organs. Although there were slight but insignificant (p>0.05) elevations in WBC (16-27%) and PLT (8-11%) counts in Tonica-treated animals compared to controls at 10x and 20x the normal dose, most serum biochemical, haematological and urinalysis data indicated no significant differences (p>0.05) between tests and control rats. There were also no changes in the morphology of liver, kidney, lung and heart tissues as a result of Tonica treatment. These findings suggest that Tonica is safe at the dosage regimens administered to the animals in this study, and there appears to be no overt organ specific toxicity associated with it

Identification of cardiac MRI thresholds for risk stratification in pulmonary arterial hypertension

Rationale: Pulmonary arterial hypertension (PAH) is a life-shortening condition. The European Society of Cardiology and European Respiratory Society and the REVEAL (North American Registry to Evaluate Early and Long-Term PAH Disease Management) risk score calculator (REVEAL 2.0) identify thresholds to predict 1-year mortality. Objectives: This study evaluates whether cardiac magnetic resonance imaging (MRI) thresholds can be identified and used to aid risk stratification and facilitate decision-making. Methods: Consecutive patients with PAH (n = 438) undergoing cardiac MRI were identified from the ASPIRE (Assessing the Spectrum of Pulmonary Hypertension Identified at a Referral Center) MRI database. Thresholds were identified from a discovery cohort and evaluated in a test cohort. Measurements and Main Results: A percentage-predicted right ventricular end-systolic volume index threshold of 227% or a left ventricular end-diastolic volume index of 58 ml/m2 identified patients at low (10%) risk of 1-year mortality. These metrics respectively identified 63% and 34% of patients as low risk. Right ventricular ejection fraction >54%, 37–54%, and <37% identified 21%, 43%, and 36% of patients at low, intermediate, and high risk, respectively, of 1-year mortality. At follow-up cardiac MRI, patients who improved to or were maintained in a low-risk group had a 1-year mortality <5%. Percentage-predicted right ventricular end-systolic volume index independently predicted outcome and, when used in conjunction with the REVEAL 2.0 risk score calculator or a modified French Pulmonary Hypertension Registry approach, improved risk stratification for 1-year mortality. Conclusions: Cardiac MRI can be used to risk stratify patients with PAH using a threshold approach. Percentage-predicted right ventricular end-systolic volume index can identify a high percentage of patients at low-risk of 1-year mortality and, when used in conjunction with current risk stratification approaches, can improve risk stratification. This study supports further evaluation of cardiac MRI in risk stratification in PAH

Bayesian Mode Regression

This article has been made available through the Brunel Open Access Publishing Fund.Like mean, quantile and variance, mode is also an important measure of central tendency of a distribution. Many practical questions, particularly in the analysis of big data, such as \Which element (gene or le or signal) is the most typical one among all elements in a network?" are directly related to mode. Mode regression, which provides a convenient summary of how the regressors a ect the conditional mode, is totally di erent from other models based on conditional mean or conditional quantile or conditional variance. Some inference methods for mode regression exist but none of them is from the Bayesian perspective. This paper introduces Bayesian mode regression by exploring three different approaches, including their theoretic properties. The proposed approacher are illustrated using simulated datasets and a real data set