
    Non-malleable encryption: simpler, shorter, stronger

    In a seminal paper, Dolev et al. [15] introduced the notion of non-malleable encryption (NM-CPA). This notion is very intriguing since it suffices for many applications of chosen-ciphertext secure encryption (IND-CCA), and, yet, can be generically built from semantically secure (IND-CPA) encryption, as was shown in the seminal works by Pass et al. [29] and by Choi et al. [9], the latter of which provided a black-box construction. In this paper we investigate three questions related to NM-CPA security: 1. Can the rate of the construction by Choi et al. of NM-CPA from IND-CPA be improved? 2. Is it possible to achieve multi-bit NM-CPA security more efficiently from a single-bit NM-CPA scheme than from IND-CPA? 3. Is there a notion stronger than NM-CPA that has natural applications and can be achieved from IND-CPA security? We answer all three questions in the positive. First, we improve the rate in the scheme of Choi et al. by a factor O(λ), where λ is the security parameter. Still, encrypting a message of size O(λ) would require ciphertext and keys of size O(λ²) times that of the IND-CPA scheme, even in our improved scheme. Therefore, we show a more efficient domain extension technique for building a λ-bit NM-CPA scheme from a single-bit NM-CPA scheme with keys and ciphertext of size O(λ) times that of the NM-CPA one-bit scheme. To achieve our goal, we define and construct a novel type of continuous non-malleable code (NMC), called secret-state NMC, as we show that standard continuous NMCs are not enough for the natural “encode-then-encrypt-bit-by-bit” approach to work. Finally, we introduce a new security notion for public-key encryption that we dub non-malleability under (chosen-ciphertext) self-destruct attacks (NM-SDA). After showing that NM-SDA is a strict strengthening of NM-CPA and allows for more applications, we nevertheless show that both of our results—(faster) construction from IND-CPA and domain extension from one-bit scheme—also hold for our stronger NM-SDA security. In particular, the notions of IND-CPA, NM-CPA, and NM-SDA security are all equivalent, lying (plausibly, strictly?) below IND-CCA securit

    Revisiting Deniability in Quantum Key Exchange via Covert Communication and Entanglement Distillation

    We revisit the notion of deniability in quantum key exchange (QKE), a topic that remains largely unexplored. In the only work on this subject by Donald Beaver, it is argued that QKE is not necessarily deniable due to an eavesdropping attack that limits key equivocation. We provide more insight into the nature of this attack and how it extends to other constructions such as QKE obtained from uncloneable encryption. We then adopt the framework for quantum authenticated key exchange, developed by Mosca et al., and extend it to introduce the notion of coercer-deniable QKE, formalized in terms of the indistinguishability of real and fake coercer views. Next, we apply results from a recent work by Arrazola and Scarani on covert quantum communication to establish a connection between covert QKE and deniability. We propose DC-QKE, a simple deniable covert QKE protocol, and prove its deniability via a reduction to the security of covert QKE. Finally, we consider how entanglement distillation can be used to enable information-theoretically deniable protocols for QKE and tasks beyond key exchange. Comment: 16 pages, published in the proceedings of NordSec 201

    UC-Secure OT from LWE, Revisited

    We build a two-round, UC-secure oblivious transfer protocol (OT) in the common reference string (CRS) model under the Learning with Errors assumption (LWE) with sub-exponential modulus-to-noise ratio. We do so by instantiating the dual-mode encryption framework of Peikert, Vaikuntanathan and Waters (CRYPTO'08). The resulting OT can be instantiated in either one of two modes: one providing statistical sender security, and the other statistical receiver security. Furthermore, our scheme allows the sender and the receiver to reuse the CRS across arbitrarily many executions of the protocol. To the best of our knowledge, this gives the first construction of a UC-secure OT from LWE that achieves both statistical receiver security and unbounded reusability of the CRS. For comparison, there was, until recently, no such construction from LWE satisfying either one of these two properties. In particular, the construction of UC-secure OT from LWE of Peikert, Vaikuntanathan and Waters only provides computational receiver security and bounded reusability of the CRS. Our main technical contribution is a public-key encryption scheme from LWE where messy public keys (under which encryptions hide the underlying message statistically) can be recognized in time essentially independent of the LWE modulus q

    Detection of a Single Identical Cytomegalovirus (CMV) Strain in Recently Seroconverted Young Women

    Infection with multiple CMV strains is common in immunocompromised hosts, but its occurrence in normal hosts has not been well-studied. We analyzed CMV strains longitudinally in women who acquired CMV while enrolled in a CMV glycoprotein B (gB) vaccine trial. Sequencing of four variable genes was performed in samples collected from seroconversion and up to 34 months thereafter. 199 cultured isolates from 53 women and 65 original fluids from a subset of 19 women were sequenced. 51 women were infected with one strain each without evidence for genetic drift; only two women shed multiple strains. Genetic variability among strains increased with the number of sequenced genetic loci. Nevertheless, 13 of 53 women proved to be infected with an identical CMV strain based on sequencing at all four variable genes. CMV vaccine did not alter the degree of genetic diversity amongst strains. Primary CMV infection in healthy women nearly always involves shedding of one strain that remains stable over time. Immunization with CMVgB-1 vaccine strain is not selective against specific strains. Although 75% of women harbored their unique strain, or a strain shared with only one other woman, 25% shared a single common strain, suggesting that this predominant strain with a particular combination of genetic loci is advantageous in this large urban area

    Round-Optimal Secure Multi-Party Computation

    Secure multi-party computation (MPC) is a central cryptographic task that allows a set of mutually distrustful parties to jointly compute some function of their private inputs where security should hold in the presence of a malicious adversary that can corrupt any number of parties. Despite extensive research, the precise round complexity of this "standard-bearer" cryptographic primitive is unknown. Recently, Garg, Mukherjee, Pandey and Polychroniadou, in EUROCRYPT 2016 demonstrated that the round complexity of any MPC protocol relying on black-box proofs of security in the plain model must be at least four. Following this work, independently Ananth, Choudhuri and Jain, CRYPTO 2017 and Brakerski, Halevi, and Polychroniadou, TCC 2017 made progress towards solving this question and constructed four-round protocols based on non-polynomial time assumptions. More recently, Ciampi, Ostrovsky, Siniscalchi and Visconti in TCC 2017 closed the gap for two-party protocols by constructing a four-round protocol from polynomial-time assumptions. In another work, Ciampi, Ostrovsky, Siniscalchi and Visconti TCC 2017 showed how to design a four-round multi-party protocol for the specific case of multi-party coin-tossing. In this work, we resolve this question by designing a four-round actively secure multi-party (two or more parties) protocol for general functionalities under standard polynomial-time hardness assumptions with a black-box proof of security

    A glimpse into the differential topology and geometry of optimal transport

    This note exposes the differential topology and geometry underlying some of the basic phenomena of optimal transportation. It surveys basic questions concerning Monge maps and Kantorovich measures: existence and regularity of the former, uniqueness of the latter, and estimates for the dimension of its support, as well as the associated linear programming duality. It shows the answers to these questions concern the differential geometry and topology of the chosen transportation cost. It also establishes new connections --- some heuristic and others rigorous --- based on the properties of the cross-difference of this cost, and its Taylor expansion at the diagonal. Comment: 27 page

    Round Optimal Secure Multiparty Computation from Minimal Assumptions

    We construct a four round secure multiparty computation (MPC) protocol in the plain model that achieves security against any dishonest majority. The security of our protocol relies only on the existence of four round oblivious transfer. This culminates the long line of research on constructing round-efficient MPC from minimal assumptions (at least w.r.t. black-box simulation)

    Natural killer cells attenuate cytomegalovirus-induced hearing loss in mice

    Congenital cytomegalovirus (CMV) infection is the most common non-hereditary cause of sensorineural hearing loss (SNHL) yet the mechanisms of hearing loss remain obscure. Natural Killer (NK) cells play a critical role in regulating murine CMV infection via NK cell recognition of the Ly49H cell surface receptor of the viral-encoded m157 ligand expressed at the infected cell surface. This Ly49H NK receptor/m157 ligand interaction has been found to mediate host resistance to CMV in the spleen, and lung, but is much less effective in the liver, so it is not known if this interaction is important in the context of SNHL. Using a murine model for CMV-induced labyrinthitis, we have demonstrated that the Ly49H/m157 interaction mediates host resistance in the temporal bone. BALB/c mice, which lack functional Ly49H, inoculated with mCMV at post-natal day 3 developed profound hearing loss and significant outer hair cell loss by 28 days of life. In contrast, C57BL/6 mice, competent for the Ly49H/m157 interaction, had minimal hearing loss and attenuated outer hair cell loss with the same mCMV dose. Administration of Ly49H blocking antibody or inoculation with a mCMV viral strain deleted for the m157 gene rendered the previously resistant C57BL/6 mouse strain susceptible to hearing loss to a similar extent as the BALB/c mouse strain indicating a direct role of the Ly49H/m157 interaction in mCMV-dependent hearing loss. Additionally, NK cell recruitment to sites of infection was evident in the temporal bone of inoculated susceptible mouse strains. These results demonstrate participation of NK cells in protection from CMV-induced labyrinthitis and SNHL in mice.

    Production of pre-formed apple tree nursery plants with the application of benzyladenine.

    The development of fruit growing in southern Brazil is a reality that has been consolidating over time, as the improvement of cultivation techniques makes it possible to reach satisfactory yields in the crops of interest