60 research outputs found
Theoretical studies of a hydrogen abstraction tool for nanotechnology
In the design of a nanoscale, site-specific hydrogen abstraction tool, the authors suggest the use of an alkynyl radical tip. Using ab initio quantum-chemistry techniques including electron correlation they model the abstraction of hydrogen from dihydrogen, methane, acetylene, benzene and isobutane by the acetylene radical. By conservative estimates, the abstraction barrier is small (less than 7.7 kcal mol^-1) in all cases except for acetylene and zero in the case of isobutane. Thermal vibrations at room temperature should be sufficient to supply the small activation energy. Several methods of creating the radical in a controlled vacuum setting should be feasible. The authors show how nanofabrication processes can be accurately and inexpensively designed in a computational framework
The Software Heritage Graph Dataset: Large-scale Analysis of Public Software Development History
International audienceSoftware Heritage is the largest existing public archive of software source code and accompanying development history. It spans more than five billion unique source code files and one billion unique commits , coming from more than 80 million software projects. These software artifacts were retrieved from major collaborative development platforms (e.g., GitHub, GitLab) and package repositories (e.g., PyPI, Debian, NPM), and stored in a uniform representation linking together source code files, directories, commits, and full snapshots of version control systems (VCS) repositories as observed by Software Heritage during periodic crawls. This dataset is unique in terms of accessibility and scale, and allows to explore a number of research questions on the long tail of public software development, instead of solely focusing on "most starred" repositories as it often happens
SmartOTPs: An Air-Gapped 2-Factor Authentication for Smart-Contract Wallets
With the recent rise of cryptocurrencies' popularity, the security and
management of crypto-tokens have become critical. We have witnessed many
attacks on users and providers, which have resulted in significant financial
losses. To remedy these issues, several wallet solutions have been proposed.
However, these solutions often lack either essential security features,
usability, or do not allow users to customize their spending rules.
In this paper, we propose SmartOTPs, a smart-contract wallet framework that
gives a flexible, usable, and secure way of managing crypto-tokens in a
self-sovereign fashion. The proposed framework consists of four components
(i.e., an authenticator, a client, a hardware wallet, and a smart contract),
and it provides 2-factor authentication (2FA) performed in two stages of
interaction with the blockchain. To the best of our knowledge, our framework is
the first one that utilizes one-time passwords (OTPs) in the setting of the
public blockchain. In SmartOTPs, the OTPs are aggregated by a Merkle tree and
hash chains whereby for each authentication only a short OTP (e.g., 16B-long)
is transferred from the authenticator to the client. Such a novel setting
enables us to make a fully air-gapped authenticator by utilizing small QR codes
or a few mnemonic words, while additionally offering resilience against quantum
cryptanalysis. We have made a proof-of-concept based on the Ethereum platform.
Our cost analysis shows that the average cost of a transfer operation is
comparable to existing 2FA solutions using smart contracts with
multi-signatures
Forking Without Clicking: on How to Identify Software Repository Forks
International audienceThe notion of software "fork" has been shifting over time from the (negative) phenomenon of community disagreements that result in the creation of separate development lines and ultimately software products, to the (positive) practice of using distributed version control system (VCS) repositories to collaboratively improve a single product without stepping on each others toes. In both cases the VCS repositories participating in a fork share parts of a common development history. Studies of software forks generally rely on hosting platform metadata, such as GitHub, as the source of truth for what constitutes a fork. These "forge forks" however can only identify as forks repositories that have been created on the platform, e.g., by clicking a "fork" button on the platform user interface. The increased diversity in code hosting platforms (e.g., GitLab) and the habits of significant development communities (e.g., the Linux kernel, which is not primarily hosted on any single platform) call into question the reliability of trusting code hosting platforms to identify forks. Doing so might introduce selection and methodological biases in empirical studies. In this article we explore various definitions of "software forks", trying to capture forking workflows that exist in the real world. We quantify the differences in how many repositories would be identified as forks on GitHub according to the various definitions, confirming that a significant number could be overlooked by only considering forge forks. We study the structure and size of fork networks , observing how they are affected by the proposed definitions and discuss the potential impact on empirical research
Verified Security of BLT Signature Scheme
The majority of real-world applications of digital signatures use timestamping to ensure non-repudiation in face of possible key revocations. This observation led Buldas, Laanoja, and Truu to a server-assisted digital signature scheme built around cryptographic timestamping.
In this paper, we report on the machine-checked proofs of existential unforgeability under the chosen-message attack (EUF-CMA) of some variations of BLT digital signature scheme. The proofs are developed and verified using the EasyCrypt framework, which provides interactive theorem proving supported by the state-of-the-art SMT solvers
Open peer-to-peer systems over blockchain and ipfs: An agent oriented framework
In recent years, the increasing concerns around the centralized cloud web services (e.g. privacy, governance, surveillance, security) have triggered the emergence of new distributed technologies, such as IPFS or the Blockchain. These innovations have tackled technical challenges that were unresolved until their appearance. Existing models of peer-to-peer systems need a revision to cover the spectrum of potential systems that can be now implemented as peer-to-peer systems. This work presents a framework to build these systems. It uses an agent-oriented approach in an open environment where agents have only partial information of the system data. The proposal covers data access, data discovery and data trust in peer-to-peer systems where different actors may interact. Moreover, the framework proposes a distributed architecture for these open systems, and provides guidelines to decide in which cases Blockchain technology may be required, or when other technologies may be sufficient
- …