A Polynomial-Time Universal Security Amplifier in the Class of Block Ciphers
We demonstrate the existence of an efficient block cipher with the property that whenever it is composed with any non-perfect cipher, the resulting product is strictly more secure, against an ideal adversary, than the original cipher. We call this property universal security amplification, and note that it holds trivially for a one-time pad (a stream cipher). However, as far as we are aware, this is the first efficient block cipher with this property. Several practical implications of this result are considered
Towards a digitally conceived physical performance object
Thesis (S.M.)--Massachusetts Institute of Technology, School of Architecture and Planning, Program in Media Arts and Sciences, 2007. Includes bibliographical references (p. 122-126). In the performing arts, the relationship that is established between what is seen and what is heard must be experienced to fully appreciate and understand the aesthetics of performance. Actual physical objects such as musical instruments, lights, elements of the set, props, and people provide the visual associations and a tangible reality which can enhance the musical elements in a performance. This thesis proposes that new and artistic physical objects can, in themselves, be designed to perform. It introduces the Chandelier, a kinetic sculpture, a central set piece for a new opera, a new kind of musical instrument, and an object that performs. The piece moves and changes shape through mechanical action and the designed interplay between surfaces and light. It is intended to be interacted with by musicians and players of the opera. This thesis also explores the design process and evolution of the Chandelier with a primary objective of realizing a constructible, physical performance object through an authentic and abstruse digital conception. It is a conception not of a static nature, but incorporates a dynamic sense of changeable form through coordinated elements of light, mechanics, and sculpture. Steven L. Pliam. S.M
Compositional closure for Bayes Risk in probabilistic noninterference
We give a sequential model for noninterference security including probability
(but not demonic choice), thus supporting reasoning about the likelihood that
high-security values might be revealed by observations of low-security
activity. Our novel methodological contribution is the definition of a
refinement order and its use to compare security measures between
specifications and (their supposed) implementations. This contrasts with the
more common practice of evaluating the security of individual programs in
isolation.
The appropriateness of our model and order is supported by our showing that
our refinement order is the greatest compositional relation --the compositional
closure-- with respect to our semantics and an "elementary" order based on
Bayes Risk --- a security measure already in widespread use. We also relate
refinement to other measures such as Shannon Entropy.
By applying the approach to a non-trivial example, the anonymous-majority
Three-Judges protocol, we demonstrate by example that correctness arguments can
be simplified by the sort of layered developments --through levels of
increasing detail-- that are allowed and encouraged by compositional semantics
Naturally Rehearsing Passwords
We introduce quantitative usability and security models to guide the design
of password management schemes --- systematic strategies to help users create
and remember multiple passwords. In the same way that security proofs in
cryptography are based on complexity-theoretic assumptions (e.g., hardness of
factoring and discrete logarithm), we quantify usability by introducing
usability assumptions. In particular, password management relies on assumptions
about human memory, e.g., that a user who follows a particular rehearsal
schedule will successfully maintain the corresponding memory. These assumptions
are informed by research in cognitive science and validated through empirical
studies. Given rehearsal requirements and a user's visitation schedule for each
account, we use the total number of extra rehearsals that the user would have
to do to remember all of his passwords as a measure of the usability of the
password scheme. Our usability model leads us to a key observation: password
reuse benefits users not only by reducing the number of passwords that the user
has to memorize, but more importantly by increasing the natural rehearsal rate
for each password. We also present a security model which accounts for the
complexity of password management with multiple accounts and associated
threats, including online, offline, and plaintext password leak attacks.
Observing that current password management schemes are either insecure or
unusable, we present Shared Cues--- a new scheme in which the underlying secret
is strategically shared across accounts to ensure that most rehearsal
requirements are satisfied naturally while simultaneously providing strong
security. The construction uses the Chinese Remainder Theorem to achieve these
competing goals
Late Simultaneous Presentation of Left Ventricular Pseudoaneurysm and Tricuspid Regurgitation after Blunt Chest Trauma
A 32-yr-old man developed progressive exertional dyspnea 4 yr after blunt chest trauma due to an automobile accident. Two-dimensional echocardiography and computed-tomographic coronary angiography demonstrated a large pseudoaneurysm of the left ventricle and severe tricuspid regurgitation. The patient underwent successful surgical exclusion of the pseudoaneurysm by endoaneurysmal patch closure and repair of the tricuspid valve regurgitation. To the best of our knowledge, this is the first case of these 2 different pathologies presenting late simultaneously after blunt chest trauma and successful surgical repairs in the published literature
Quantitative Information Flow and Applications to Differential Privacy
Secure information flow is the problem of ensuring that the information made publicly available by a computational system does not leak information that should be kept secret. Since it is practically impossible to avoid leakage entirely, in recent years there has been a growing interest in considering the quantitative aspects of information flow, in order to measure and compare the amount of leakage. Information theory is widely regarded as a natural framework to provide firm foundations to quantitative information flow. In these notes we review the two main information-theoretic approaches that have been investigated: the one based on Shannon entropy, and the one based on Rényi min-entropy. Furthermore, we discuss some applications in the area of privacy. In particular, we consider statistical databases and the recently-proposed notion of differential privacy. Using the information-theoretic view, we discuss the bound that differential privacy induces on leakage, and the trade-off between utility and privacy
On the Incomparability of Entropy and Marginal Guesswork in Brute-Force Attacks
We discuss measures of statistical uncertainty relevant to determining random values in cryptology. It is shown that unbalanced and self-similar Huffman trees have extremal properties with respect to these measures. Their corresponding probability distributions exhibit an unbounded gap between (Shannon) entropy and the logarithm of the minimum search space size necessary to be guaranteed a certain chance of success (called marginal guesswork). Thus, there can be no general inequality between them. We discuss the implications of this result in terms of the security of weak secrets against brute-force searching attacks, and also in terms of Shannon's uncertainty axioms