A New Framework for Privacy-Preserving Aggregation of Time-Series Data

International audienceAggregator-oblivious encryption is a useful notion put forward by Shi et al. in 2011 that allows an untrusted aggregator to periodically compute an aggregate value over encrypted data contributed by a set of users. Such encryption schemes find numerous applications, in particular in the context of privacy-preserving smart metering.This paper presents a general framework for constructing privacy-preserving aggregator-oblivious encryption schemes using a variant of Cramer-Shoup's paradigm of smooth projective hashing. This abstraction leads to new schemes based on a variety of complexity assumptions. It also improves upon existing constructions, providing schemes with shorter ciphertexts and better encryption times

Born and Raised Distributively: Fully Distributed Non-Interactive Adaptively-Secure Threshold Signatures with Short Shares

International audienceThreshold cryptography is a fundamental distributed computational paradigm for enhancing the availability and the security of cryptographic public-key schemes. It does it by dividing private keys into $n$ shares handed out to distinct servers. In threshold signature schemes, a set of at least $t+1 \leq n$ servers is needed to produce a valid digital signature. Availability is assured by the fact that any subset of $t+1$ servers can produce a signature when authorized. At the same time, the scheme should remain robust (in the fault tolerance sense) and unforgeable (cryptographically) against up to $t$ corrupted servers; {\it i.e.}, it adds quorum control to traditional cryptographic services and introduces redundancy. Originally, most practical threshold signatures have a number of demerits: They have been analyzed in a static corruption model (where the set of corrupted servers is fixed at the very beginning of the attack), they require interaction, they assume a trusted dealer in the key generation phase (so that the system is not fully distributed), or they suffer from certain overheads in terms of storage (large share sizes). In this paper, we construct practical {\it fully distributed} (the private key is born distributed), non-interactive schemes -- where the servers can compute their partial signatures without communication with other servers -- with adaptive security ({\it i.e.}, the adversary corrupts servers dynamically based on its full view of the history of the system). Our schemes are very efficient in terms of computation, communication, and scalable storage (with private key shares of size $O(1)$, where certain solutions incur $O(n)$ storage costs at each server). Unlike other adaptively secure schemes, our schemes are erasure-free (reliable erasure is a hard to assure and hard to administer property in actual systems). To the best of our knowledge, such a fully distributed highly constrained scheme has been an open problem in the area. In particular, and of special interest, is the fact that Pedersen's traditional distributed key generation (DKG) protocol can be safely employed in the initial key generation phase when the system is born -- although it is well-known not to ensure uniformly distributed public keys. An advantage of this is that this protocol only takes one round optimistically (in the absence of faulty player)

Localization of deep brain activity with scalp and subdural EEG

To what extent electrocorticography (ECoG) and electroencephalography (scalp EEG) differ in their capability to locate sources of deep brain activity is far from evident. Compared to EEG, the spatial resolution and signal- to-noise ratio of ECoG is superior but its spatial coverage is more restricted, as is arguably the volume of tissue activity effectively measured from. Moreover, scalp EEG studies are providing evidence of locating activity from deep sources such as the hippocampus using high-density setups during quiet wakefulness. To address this question, we recorded a multimodal dataset from 4 patients with refractory epilepsy during quiet wakefulness. This data comprises simultaneous scalp, subdural and depth EEG electrode recordings. The latter was located in the hippocampus or insula and provided us with our "ground truth" for source localization of deep activity. We ap- plied independent component analysis (ICA) for the purpose of separating the independent sources in theta, alpha and beta frequency band activity. In all patients subdural- and scalp EEG components were observed which had a significant zero-lag correlation with one or more contacts of the depth electrodes. Subsequent dipole modeling of the correlating components revealed dipole locations that were significantly closer to the depth electrodes compared to the dipole location of non-correlating components. These findings support the idea that components found in both recording modalities originate from neural activity in close proximity to the depth electrodes. Sources localized with subdural electrodes were similar to 70% closer to the depth electrode than sources localized with EEG with an absolute improvement of around similar to 2cm. In our opinion, this is not a considerable improvement in source localization accuracy given that, for clinical purposes, ECoG electrodes were implanted in close proximity to the depth electrodes. Furthermore, the ECoG grid attenuates the scalp EEG, due to the electrically isolating silastic sheets in which the ECoG electrodes are embedded. Our results on dipole modeling show that the deep source localization accuracy of scalp EEG is comparable to that of ECoG. Significance Statement Deep and subcortical regions play an important role in brain function. However, as joint recordings at multiple spatial scales to study brain function in humans are still scarce, it is still unresolved to what extent ECoG and EEG differ in their capability to locate sources of deep brain activity. To the best of our knowledge, this is the first study presenting a dataset of simultaneously recorded EEG, ECoG and depth electrodes in the hippocampus or insula, with a focus on non-epileptiform activity (quiet wakefulness). Furthermore, we are the first study to provide experimental findings on the comparison of source localization of deep cortical structures between invasive and non-invasive brain activity measured from the cortical surface

Practical real-time MEG-based neural interfacing with optically pumped magnetometers

BackgroundBrain-computer interfaces decode intentions directly from the human brain with the aim to restore lost functionality, control external devices or augment daily experiences. To combine optimal performance with wide applicability, high-quality brain signals should be captured non-invasively. Magnetoencephalography (MEG) is a potent candidate but currently requires costly and confining recording hardware. The recently developed optically pumped magnetometers (OPMs) promise to overcome this limitation, but are currently untested in the context of neural interfacing.ResultsIn this work, we show that OPM-MEG allows robust single-trial analysis which we exploited in a real-time ‘mind-spelling’ application yielding an average accuracy of 97.7%.ConclusionsThis shows that OPM-MEG can be used to exploit neuro-magnetic brain responses in a practical and flexible manner, and opens up new avenues for a wide range of new neural interface applications in the future

A Buoyancy-Based Screen of Drosophila Larvae for Fat-Storage Mutants Reveals a Role for Sir2 in Coupling Fat Storage to Nutrient Availability

Obesity has a strong genetic component, but few of the genes that predispose to obesity are known. Genetic screens in invertebrates have the potential to identify genes and pathways that regulate the levels of stored fat, many of which are likely to be conserved in humans. To facilitate such screens, we have developed a simple buoyancy-based screening method for identifying mutant Drosophila larvae with increased levels of stored fat. Using this approach, we have identified 66 genes that when mutated increase organismal fat levels. Among these was a sirtuin family member, Sir2. Sirtuins regulate the storage and metabolism of carbohydrates and lipids by deacetylating key regulatory proteins. However, since mammalian sirtuins function in many tissues in different ways, it has been difficult to define their role in energy homeostasis accurately under normal feeding conditions. We show that knockdown of Sir2 in the larval fat body results in increased fat levels. Moreover, using genetic mosaics, we demonstrate that Sir2 restricts fat accumulation in individual cells of the fat body in a cell-autonomous manner. Consistent with this function, changes in the expression of metabolic enzymes in Sir2 mutants point to a shift away from catabolism. Surprisingly, although Sir2 is typically upregulated under conditions of starvation, Sir2 mutant larvae survive better than wild type under conditions of amino-acid starvation as long as sugars are provided. Our findings point to a Sir2-mediated pathway that activates a catabolic response to amino-acid starvation irrespective of the sugar content of the diet