Practical Attacks on Cryptographically End-to-end Verifiable Internet Voting Systems

Cryptographic end-to-end verifiable voting technologies concern themselves with the provision of a more trustworthy, transparent, and robust elections. To provide voting systems with more transparency and accountability throughout the process while preserving privacy which allows voters to express their true intent. Helios Voting is one of these systems---an online platform where anyone can easily host their own cryptographically end-to-end verifiable election, aiming to bring verifiable voting to the masses. Helios does this by providing explicit cryptographic checks that an election was counted correctly, checks that any member of the public can independently verify. All of this while still protecting one of the essential properties of open democracy, voter privacy. In spite of these cryptographic checks and the strong mathematical assertions of correctness they provide, this thesis discusses the discovery and exploit of three vulnerabilities. The first is the insufficient validation of cryptographic elements in Helios ballots uploaded by users. This allows a disgruntled voter to cast a carefully crafted ballot which will prevent an election from being tallied. The second vulnerability is the insufficient validation of cryptographic parameters used in ElGamal by an election official. This leads to an attack where the election official can upload weak parameters allowing the official to cast arbitrary votes in a single ballot. The final attack is a cross-site scripting attack that would allow anyone to steal or re-cast ballots on behalf of victims. We coordinated disclosure with the Helios developers and provided fixes for all the vulnerabilities outlined in the thesis. Additionally, this thesis adds to the body of work highlighting the fragility of internet voting applications and discusses the unique challenges faced by internet voting applications

Indiscreet Logs: Persistent Diffie-Hellman Backdoors in TLS

Software implementations of discrete logarithm based cryptosystems over finite fields typically make the assumption that any domain parameters they are presented with are trustworthy, i.e., the parameters implement cyclic groups where the discrete logarithm problem is assumed to be hard. An informal and widespread justification for this seemingly exists that says validating parameters at run time is too computationally expensive relative to the perceived risk of a server sabotaging the privacy of its own connection. In this paper we explore this trust assumption and examine situations where it may not always be justified. We conducted an investigation of discrete logarithm domain parameters in use across the Internet and discovered evidence of a multitude of potentially backdoored moduli of unknown order in TLS and STARTTLS spanning numerous countries, organizations, and protocols. Although our disclosures resulted in a number of organizations taking down suspicious parameters, we argue the potential for TLS backdoors is systematic and will persist until either until better parameter hygiene is taken up by the community, or finite field based cryptography is eliminated altogether

Small conductance calcium-activated potassium current and the mechanism of atrial arrhythmia in mice with dysfunctional melanocyte-like cells

BACKGROUND: The melanin synthesis enzyme dopachrome tautomerase (Dct) regulates intracellular Ca(2+) in melanocytes. Homozygous Dct knockout (Dct(-/-)) adult mice are vulnerable to atrial arrhythmias (AA). OBJECTIVE: The purpose of this study was to determine whether apamin-sensitive small conductance Ca(2+)-activated K(+) (SK) currents are upregulated in Dct(-/-) mice and contribute to AA. METHODS: Optical mapping was used to study the membrane potential of the right atrium in Langendorff perfused Dct(-/-) (n = 9) and Dct(+/-) (n = 9) mice. RESULTS: Apamin prolonged action potential duration (APD) by 18.8 ms (95% confidence interval [CI] 13.4-24.1 ms) in Dct(-/-) mice and by 11.5 ms (95% CI 5.4-17.6 ms) in Dct(+/-) mice at a pacing cycle length of 150 ms (P = .047). The pacing cycle length threshold to induce APD alternans was 48 ms (95% CI 34-62 ms) for Dct(-/-) mice and 21 ms (95% CI 12-29 ms) for Dct(+/-) mice (P = .002) at baseline, and it was 35 ms (95% CI 21-49 ms) for Dct(-/-) mice and 22 ms (95% CI 11-32 ms) for Dct(+/-) mice (P = .025) after apamin administration. Apamin prolonged post-burst pacing APD by 8.9 ms (95% CI 3.9-14.0 ms) in Dct(-/-) mice and by 1.5 ms (95% CI 0.7-2.3 ms) in Dct(+/-) mice (P = .005). Immunoblot and quantitative polymerase chain reaction analyses showed that protein and transcripts levels of SK1 and SK3 were increased in the right atrium of Dct(-/-) mice. AA inducibility (89% vs 11%; P = .003) and duration (281 seconds vs 66 seconds; P = .008) were greater in Dct(-/-) mice than in Dct(+/-) mice at baseline, but not different (22% vs 11%; P = 1.00) after apamin administration. Five of 8 (63%) induced atrial fibrillation episodes in Dct(-/-) mice had focal drivers. CONCLUSION: Apamin-sensitive SK current upregulation in Dct(-/-) mice plays an important role in the mechanism of AA

Linear B-cell epitopes in the spike and nucleocapsid proteins as markers of SARS-CoV-2 exposure and disease severity

BACKGROUND Given the unceasing worldwide surge in COVID-19 cases, there is an imperative need to develop highly specific and sensitive serology assays to define exposure to Severe Acute Respiratory Syndrome Coronavirus 2 (SARS-CoV-2). METHODS Pooled plasma samples from PCR positive COVID-19 patients were used to identify linear B-cell epitopes from a SARS-CoV-2 peptide library of spike (S), envelope (E), membrane (M), and nucleocapsid (N) structural proteins by peptide-based ELISA. Hit epitopes were further validated with 79 COVID-19 patients with different disease severity status, 13 seasonal human CoV, 20 recovered SARS patients and 22 healthy donors. FINDINGS Four immunodominant epitopes, S14P5, S20P2, S21P2 and N4P5, were identified on the S and N viral proteins. IgG responses to all identified epitopes displayed a strong detection profile, with N4P5 achieving the highest level of specificity (100%) and sensitivity (>96%) against SARS-CoV-2. Furthermore, the magnitude of IgG responses to S14P5, S21P2 and N4P5 were strongly associated with disease severity. INTERPRETATION IgG responses to the peptide epitopes can serve as useful indicators for the degree of immunopathology in COVID-19 patients, and function as higly specific and sensitive sero-immunosurveillance tools for recent or past SARS-CoV-2 infections. The flexibility of these epitopes to be used alone or in combination will allow for the development of improved point-of-care-tests (POCTs)

Pan-Cancer Analysis of lncRNA Regulation Supports Their Targeting of Cancer Genes in Each Tumor Context

Long noncoding RNAs (lncRNAs) are commonly dys-regulated in tumors, but only a handful are known toplay pathophysiological roles in cancer. We inferredlncRNAs that dysregulate cancer pathways, onco-genes, and tumor suppressors (cancer genes) bymodeling their effects on the activity of transcriptionfactors, RNA-binding proteins, and microRNAs in5,185 TCGA tumors and 1,019 ENCODE assays.Our predictions included hundreds of candidateonco- and tumor-suppressor lncRNAs (cancerlncRNAs) whose somatic alterations account for thedysregulation of dozens of cancer genes and path-ways in each of 14 tumor contexts. To demonstrateproof of concept, we showed that perturbations tar-geting OIP5-AS1 (an inferred tumor suppressor) andTUG1 and WT1-AS (inferred onco-lncRNAs) dysre-gulated cancer genes and altered proliferation ofbreast and gynecologic cancer cells. Our analysis in-dicates that, although most lncRNAs are dysregu-lated in a tumor-specific manner, some, includingOIP5-AS1, TUG1, NEAT1, MEG3, and TSIX, synergis-tically dysregulate cancer pathways in multiple tumorcontexts

Pan-cancer Alterations of the MYC Oncogene and Its Proximal Network across the Cancer Genome Atlas

Although theMYConcogene has been implicated incancer, a systematic assessment of alterations ofMYC, related transcription factors, and co-regulatoryproteins, forming the proximal MYC network (PMN),across human cancers is lacking. Using computa-tional approaches, we define genomic and proteo-mic features associated with MYC and the PMNacross the 33 cancers of The Cancer Genome Atlas.Pan-cancer, 28% of all samples had at least one ofthe MYC paralogs amplified. In contrast, the MYCantagonists MGA and MNT were the most frequentlymutated or deleted members, proposing a roleas tumor suppressors.MYCalterations were mutu-ally exclusive withPIK3CA,PTEN,APC,orBRAFalterations, suggesting that MYC is a distinct onco-genic driver. Expression analysis revealed MYC-associated pathways in tumor subtypes, such asimmune response and growth factor signaling; chro-matin, translation, and DNA replication/repair wereconserved pan-cancer. This analysis reveals insightsinto MYC biology and is a reference for biomarkersand therapeutics for cancers with alterations ofMYC or the PMN

Genomic, Pathway Network, and Immunologic Features Distinguishing Squamous Carcinomas

This integrated, multiplatform PanCancer Atlas study co-mapped and identified distinguishing molecular features of squamous cell carcinomas (SCCs) from five sites associated with smokin

Spatial Organization and Molecular Correlation of Tumor-Infiltrating Lymphocytes Using Deep Learning on Pathology Images

Beyond sample curation and basic pathologic characterization, the digitized H&E-stained images of TCGA samples remain underutilized. To highlight this resource, we present mappings of tumorinfiltrating lymphocytes (TILs) based on H&E images from 13 TCGA tumor types. These TIL maps are derived through computational staining using a convolutional neural network trained to classify patches of images. Affinity propagation revealed local spatial structure in TIL patterns and correlation with overall survival. TIL map structural patterns were grouped using standard histopathological parameters. These patterns are enriched in particular T cell subpopulations derived from molecular measures. TIL densities and spatial structure were differentially enriched among tumor types, immune subtypes, and tumor molecular subtypes, implying that spatial infiltrate state could reflect particular tumor cell aberration states. Obtaining spatial lymphocytic patterns linked to the rich genomic characterization of TCGA samples demonstrates one use for the TCGA image archives with insights into the tumor-immune microenvironment

Data-Driven Analysis of COVID-19 Reveals Persistent Immune Abnormalities in Convalescent Severe Individuals

Severe SARS-CoV-2 infection can trigger uncontrolled innate and adaptive immune responses, which are commonly associated with lymphopenia and increased neutrophil counts. However, whether the immune abnormalities observed in mild to severely infected patients persist into convalescence remains unclear. Herein, comparisons were drawn between the immune responses of COVID-19 infected and convalescent adults. Strikingly, survivors of severe COVID-19 had decreased proportions of NKT and Vδ2 T cells, and increased proportions of low-density neutrophils, IgA+/CD86+/CD123+ non-classical monocytes and hyperactivated HLADR+CD38+ CD8+ T cells, and elevated levels of pro-inflammatory cytokines such as hepatocyte growth factor and vascular endothelial growth factor A, long after virus clearance. Our study suggests potential immune correlates of “long COVID-19”, and defines key cells and cytokines that delineate true and quasi-convalescent states