Optimal non-perfect uniform secret sharing schemes

A secret sharing scheme is non-perfect if some subsets of participants that cannot recover the secret value have partial information about it. The information ratio of a secret sharing scheme is the ratio between the maximum length of the shares and the length of the secret. This work is dedicated to the search of bounds on the information ratio of non-perfect secret sharing schemes. To this end, we extend the known connections between polymatroids and perfect secret sharing schemes to the non-perfect case. In order to study non-perfect secret sharing schemes in all generality, we describe their structure through their access function, a real function that measures the amount of information that every subset of participants obtains about the secret value. We prove that there exists a secret sharing scheme for every access function. Uniform access functions, that is, the ones whose values depend only on the number of participants, generalize the threshold access structures. Our main result is to determine the optimal information ratio of the uniform access functions. Moreover, we present a construction of linear secret sharing schemes with optimal information ratio for the rational uniform access functions.Peer ReviewedPostprint (author's final draft

Ideal hierarchical secret sharing schemes

Hierarchical secret sharing is among the most natural generalizations of threshold secret sharing, and it has attracted a lot of attention from the invention of secret sharing until nowadays. Several constructions of ideal hierarchical secret sharing schemes have been proposed, but it was not known what access structures admit such a scheme. We solve this problem by providing a natural definition for the family of the hierarchical access structures and, more importantly, by presenting a complete characterization of the ideal hierarchical access structures, that is, the ones admitting an ideal secret sharing scheme. Our characterization deals with the properties of the hierarchically minimal sets of the access structure, which are the minimal qualified sets whose participants are in the lowest possible levels in the hierarchy. By using our characterization, it can be efficiently checked whether any given hierarchical access structure that is defined by its hierarchically minimal sets is ideal. We use the well known connection between ideal secret sharing and matroids and, in particular, the fact that every ideal access structure is a matroid port. In addition, we use recent results on ideal multipartite access structures and the connection between multipartite matroids and integer polymatroids. We prove that every ideal hierarchical access structure is the port of a representable matroid and, more specifically, we prove that every ideal structure in this family admits ideal linear secret sharing schemes over fields of all characteristics. In addition, methods to construct such ideal schemes can be derived from the results in this paper and the aforementioned ones on ideal multipartite secret sharing. Finally, we use our results to find a new proof for the characterization of the ideal weighted threshold access structures that is simpler than the existing one.Peer ReviewedPostprint (author's final draft

Time evolution and observables in constrained systems

The discussion is limited to first-class parametrized systems, where the definition of time evolution and observables is not trivial, and to finite dimensional systems in order that technicalities do not obscure the conceptual framework. The existence of reasonable true, or physical, degrees of freedom is rigorously defined and called {\em local reducibility}. A proof is given that any locally reducible system admits a complete set of perennials. For locally reducible systems, the most general construction of time evolution in the Schroedinger and Heisenberg form that uses only geometry of the phase space is described. The time shifts are not required to be 1symmetries. A relation between perennials and observables of the Schroedinger or Heisenberg type results: such observables can be identified with certain classes of perennials and the structure of the classes depends on the time evolution. The time evolution between two non-global transversal surfaces is studied. The problem is posed and solved within the framework of the ordinary quantum mechanics. The resulting non-unitarity is different from that known in the field theory (Hawking effect): state norms need not be preserved so that the system can be lost during the evolution of this kind.Comment: 31 pages, Latex fil

EmLog:Tamper-Resistant System Logging for Constrained Devices with TEEs

Remote mobile and embedded devices are used to deliver increasingly impactful services, such as medical rehabilitation and assistive technologies. Secure system logging is beneficial in these scenarios to aid audit and forensic investigations particularly if devices bring harm to end-users. Logs should be tamper-resistant in storage, during execution, and when retrieved by a trusted remote verifier. In recent years, Trusted Execution Environments (TEEs) have emerged as the go-to root of trust on constrained devices for isolated execution of sensitive applications. Existing TEE-based logging systems, however, focus largely on protecting server-side logs and offer little protection to constrained source devices. In this paper, we introduce EmLog -- a tamper-resistant logging system for constrained devices using the GlobalPlatform TEE. EmLog provides protection against complex software adversaries and offers several additional security properties over past schemes. The system is evaluated across three log datasets using an off-the-shelf ARM development board running an open-source, GlobalPlatform-compliant TEE. On average, EmLog runs with low run-time memory overhead (1MB heap and stack), 430--625 logs/second throughput, and five-times persistent storage overhead versus unprotected logs.Comment: Accepted at the 11th IFIP International Conference on Information Security Theory and Practice (WISTP '17

Area metric gravity and accelerating cosmology

Area metric manifolds emerge as effective classical backgrounds in quantum string theory and quantum gauge theory, and present a true generalization of metric geometry. Here, we consider area metric manifolds in their own right, and develop in detail the foundations of area metric differential geometry. Based on the construction of an area metric curvature scalar, which reduces in the metric-induced case to the Ricci scalar, we re-interpret the Einstein-Hilbert action as dynamics for an area metric spacetime. In contrast to modifications of general relativity based on metric geometry, no continuous deformation scale needs to be introduced; the extension to area geometry is purely structural and thus rigid. We present an intriguing prediction of area metric gravity: without dark energy or fine-tuning, the late universe exhibits a small acceleration.Comment: 52 pages, 1 figure, companion paper to hep-th/061213

Secure multiparty PageRank algorithm for collaborative fraud detection

Collaboration between financial institutions helps to improve detection of fraud. However, exchange of relevant data between these institutions is often not possible due to privacy constraints and data confidentiality. An important example of relevant data for fraud detection is given by a transaction graph, where the nodes represent bank accounts and the links consist of the transactions between these accounts. Previous works show that features derived from such graphs, like PageRank, can be used to improve fraud detection. However, each institution can only see a part of the whole transaction graph, corresponding to the accounts of its own customers. In this research a new method is described, making use of secure multiparty computation (MPC) techniques, allowing multiple parties to jointly compute the PageRank values of their combined transaction graphs securely, while guaranteeing that each party only learns the PageRank values of its own accounts and nothing about the other transaction graphs. In our experiments this method is applied to graphs containing up to tens of thousands of nodes. The execution time scales linearly with the number of nodes, and the method is highly parallelizable. Secure multiparty PageRank is feasible in a realistic setting with millions of nodes per party by extrapolating the results from our experiments

On the Theory of Killing Orbits in Space-Time

This paper gives a theoretical discussion of the orbits and isotropies which arise in a space-time which admits a Lie algebra of Killing vector fields. The submanifold structure of the orbits is explored together with their induced Killing vector structure. A general decomposition of a space-time in terms of the nature and dimension of its orbits is given and the concept of stability and instability for orbits introduced. A general relation is shown linking the dimensions of the Killing algebra, the orbits and the isotropies. The well-behaved nature of "stable" orbits and the possible miss-behaviour of the "unstable" ones is pointed out and, in particular, the fact that independent Killing vector fields in space-time may not induce independent such vector fields on unstable orbits. Several examples are presented to exhibit these features. Finally, an appendix is given which revisits and attempts to clarify the well-known theorem of Fubini on the dimension of Killing orbits.Comment: Latex, 19 pages, no figur

Secure Multiparty Computation from SGX

International audienceIsolated Execution Environments (IEE) offered by novel commodity hardware such as Intel's SGX deployed in Skylake processors permit executing software in a protected environment that shields it from a malicious operating system; it also permits a remote user to obtain strong interactive attestation guarantees on both the code running in an IEE and its input/output behaviour. In this paper we show how IEEs provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. In our protocol the load of communications and computations on participants only depends on the size of each party's inputs and outputs and is thus small and independent from the intricacy of the functionality to be computed. The remaining computational load-essentially that of computing the functionality-is moved to an untrusted party running an IEE-enabled machine, an appealing feature for Cloud-based scenarios. However, as often the case even with the simplest cryptographic protocols, we found that there is a large gap between this intuitively appealing solution and a protocol with rigorous security guarantees. We bridge this gap through a comprehensive set of results that include: i. a detailed construction of a protocol for secure computation for arbitrary functionalities; ii. formal security definitions for the security of the overall protocol and that of its components; and iii. a modular security analysis of our protocol that relies on a novel notion of labeled attested computation. We implemented and extensively evaluated our solution on SGX-enabled hardware, providing detailed measurements of our protocol as well as comparisons with software-only MPC solutions. Furthermore, we show the cost induced by using constant-time, i.e., timing side channel resilient, code in our implementation

The complications of ‘hiring a hubby’: gender relations and the commoditisation of home maintenance in New Zealand

This paper examines the commoditization of traditionally male domestic tasks through interviews with handymen who own franchises in the company ‘Hire a Hubby’ in New Zealand and homeowners who have paid for home repair tasks to be done. Discussions of the commoditization of traditionally female tasks in the home have revealed the emotional conflicts of paying others to care as well as the exploitative and degrading conditions that often arise when work takes place behind closed doors. By examining the working conditions and relationships involved when traditionally male tasks are paid for, this paper raises important questions about the valuing of reproductive labour and the production of gendered identities. The paper argues that while working conditions and rates of pay for ‘hubbies’ are better than those for people undertaking commoditized forms of traditionally female domestic labour, the negotiation of this work is still complex and implicated in gendered relations and identities. Working on the home was described by interviewees as an expression of care for family and a performance of the ‘right’ way to be a ‘Kiwi bloke’ and a father. Paying others to do this labour can imply a failure in a duty of care and in the performance of masculinity