Callisto: a cryptographic approach to detecting serial perpetrators of sexual misconduct

Sexual misconduct is prevalent in workplace and education settings but stigma and risk of further damage deter many victims from seeking justice. Callisto, a non-profit that has created an online sexual assault reporting platform for college campuses, is expanding its work to combat sexual assault and harassment in other industries. In this new product, users will be invited to an online "matching escrow" that will detect repeat perpetrators and create pathways to support for victims. Users submit encrypted data about their perpetrator, and this data can only be decrypted by the Callisto Options Counselor (a lawyer), when another user enters the identity of the same perpetrator. If the perpetrator identities match, both users will be put in touch independently with the Options Counselor, who will connect them to each other (if appropriate) and help them determine their best path towards justice. The client relationships with the Options Counselors are structured so that any client-counselor communications would be privileged. A combination of client-side encryption, encrypted communication channels, oblivious pseudo-random functions, key federation, and Shamir Secret Sharing keep data confidential in transit, at rest, and during the matching process with the guarantee that only the lawyer ever has access to user submitted data, and even then only when a match is identified.Accepted manuscrip

From usability to secure computing and back again

Secure multi-party computation (MPC) allows multiple parties to jointly compute the output of a function while preserving the privacy of any individual party’s inputs to that function. As MPC protocols transition from research prototypes to realworld applications, the usability of MPC-enabled applications is increasingly critical to their successful deployment and widespread adoption. Our Web-MPC platform, designed with a focus on usability, has been deployed for privacy-preserving data aggregation initiatives with the City of Boston and the Greater Boston Chamber of Commerce. After building and deploying an initial version of the platform, we conducted a heuristic evaluation to identify usability improvements and implemented corresponding application enhancements. However, it is difficult to gauge the effectiveness of these changes within the context of real-world deployments using traditional web analytics tools without compromising the security guarantees of the platform. This work consists of two contributions that address this challenge: (1) the Web-MPC platform has been extended with the capability to collect web analytics using existing MPC protocols, and (2) as a test of this feature and a way to inform future work, this capability has been leveraged to conduct a usability study comparing the two versions ofWeb-MPC. While many efforts have focused on ways to enhance the usability of privacy-preserving technologies, this study serves as a model for using a privacy-preserving data-driven approach to evaluate and enhance the usability of privacy-preserving websites and applications deployed in realworld scenarios. Data collected in this study yields insights into the relationship between usability and security; these can help inform future implementations of MPC solutions.Published versio

Targeted Disruption of Ephrin B1 in Cells of Myeloid Lineage Increases Osteoclast Differentiation and Bone Resorption in Mice

Disruption of ephrin B1 in collagen I producing cells in mice results in severe skull defects and reduced bone formation. Because ephrin B1 is also expressed during osteoclast differentiation and because little is known on the role of ephrin B1 reverse signaling in bone resorption, we examined the bone phenotypes in ephrin B1 conditional knockout mice, and studied the function of ephrin B1 reverse signaling on osteoclast differentiation and resorptive activity. Targeted deletion of ephrin B1 gene in myeloid lineage cells resulted in reduced trabecular bone volume, trabecular number and trabecular thickness caused by increased TRAP positive osteoclasts and bone resorption. Histomorphometric analyses found bone formation parameters were not changed in ephrin B1 knockout mice. Treatment of wild-type precursors with clustered soluble EphB2-Fc inhibited RANKL induced formation of multinucleated osteoclasts, and bone resorption pits. The same treatment of ephrin B1 deficient precursors had little effect on osteoclast differentiation and pit formation. Similarly, activation of ephrin B1 reverse signaling by EphB2-Fc treatment led to inhibition of TRAP, cathepsin K and NFATc1 mRNA expression in osteoclasts derived from wild-type mice but not conditional knockout mice. Immunoprecipitation with NHERF1 antibody revealed ephrin B1 interacted with NHERF1 in differentiated osteoclasts. Treatment of osteoclasts with exogenous EphB2-Fc resulted in reduced phosphorylation of ezrin/radixin/moesin. We conclude that myeloid lineage produced ephrin B1 is a negative regulator of bone resorption in vivo, and that activation of ephrin B1 reverse signaling inhibits osteoclast differentiation in vitro in part via a mechanism that involves inhibition of NFATc1 expression and modulation of phosphorylation status of ezrin/radixin/moesin

A Decentralized and Encrypted National Gun Registry

Gun violence results in a significant number of deaths in the United States. Starting in the 1960’s, the US Congress passed a series of gun control laws to regulate the sale and use of firearms. One of the most important but politically fraught gun control measures is a national gun registry. A US Senate office is currently drafting legislation that proposes the creation of a voluntary national gun registration system. At a high level, the bill envisions a decentralized system where local county officials would control and manage the registration data of their constituents. These local databases could then be queried by other officials and law enforcement to trace guns. Due to the sensitive nature of this data, however, these databases should guarantee the confidentiality of the data. In this work, we translate the high-level vision of the proposed legislation into technical requirements and design a cryptographic protocol that meets them. Roughly speaking, the protocol can be viewed as a decentralized system of locally-managed end-to-end encrypted databases. Our design relies on various cryptographic building blocks including structured encryption, secure multi-party computation and secret sharing. We propose a formal security definition and prove that our design meets it. We implemented our protocol and evaluated its performance empirically at the scale it would have to run if it were deployed in the United States. Our results show that a decentralized and end-to-end encrypted national gun registry is not only possible in theory but feasible in practice

Accessible privacy-preserving web-based data analysis for assessing and addressing economic inequalities

An essential component of initiatives that aim to address pervasive inequalities of any kind is the ability to collect empirical evidence of both the status quo baseline and of any improvement that can be attributed to prescribed and deployed interventions. Unfortunately, two substantial barriers can arise preventing the collection and analysis of such empirical evidence: (1) the sensitive nature of the data itself and (2) a lack of technical sophistication and infrastructure available to both an initiative's beneficiaries and to those spearheading it. In the last few years, it has been shown that a cryptographic primitive called secure multi-party computation (MPC) can provide a natural technological resolution to this conundrum. MPC allows an otherwise disinterested third party to contribute its technical expertise and resources, to avoid incurring any additional liabilities itself, and (counterintuitively) to reduce the level of data exposure that existing parties must accept to achieve their data analysis goals. However, achieving these benefits requires the deliberate design of MPC tools and frameworks whose level of accessibility to non-technical users with limited infrastructure and expertise is state-of-the-art. We describe our own experiences designing, implementing, and deploying such usable web applications for secure data analysis within the context of two real-world initiatives that focus on promoting economic equality.Published versio

From Usability to Secure Computing and Back Again

Secure multi-party computation (MPC) allows multiple parties to jointly compute the output of a function while preserving the privacy of any individual party\u27s inputs to that function. As MPC protocols transition from research prototypes to real-world applications, the usability of MPC-enabled applications is increasingly critical to their successful deployment and wide adoption. Our Web-MPC platform, designed with a focus on usability, has been deployed for privacy-preserving data aggregation initiatives with the City of Boston and the Greater Boston Chamber of Commerce. After building and deploying an initial version of this platform, we conducted a heuristic evaluation to identify additional usability improvements and implemented corresponding application enhancements. However, it is difficult to gauge the effectiveness of these changes within the context of real-world deployments using traditional web analytics tools without compromising the security guarantees of the platform. This work consists of two contributions that address this challenge: (1) the Web-MPC platform has been extended with the capability to collect web analytics using existing MPC protocols, and (2) this capability has been leveraged to conduct a usability study comparing the two version of Web-MPC (before and after the heuristic evaluation and associated improvements). While many efforts have focused on ways to enhance the usability of privacy-preserving technologies, this study can serve as a model for using a privacy-preserving data-driven approach in evaluating or enhancing the usability of privacy-preserving websites and applications deployed in real-world scenarios. The data collected in this study yields insights about the interplay between usability and security that can help inform future implementations of applications that employ MPC

Serum uric acid as a potential marker for heart failure risk in men on antihypertensive treatment: The British Regional Heart Study.

The role of serum uric acid (SUA) as a prognostic marker for incident heart failure (HF) in hypertensive subjects is uncertain. We have prospectively examined the relationship between SUA and incident HF in 3440 men aged 60-79years separately in those on and not on antihypertensive treatment who were followed up for a mean period of 15years. Men on SUA lowering drugs and those with history of HF or myocardial infarction were excluded. There were 260 incident HF cases. The men were divided into three groups of SUA concentrations/levels (410μmol/L). Raised SUA was associated with significantly increased risk of HF in men on antihypertensive treatment (N=949) but not in those without (N=2491) (p=0.003 for interaction). In men on antihypertensive treatment those with hyperuricemia (>410μmol/L) had the most adverse biological risk profile for HF including the highest rates of atrial fibrillation and renal dysfunction and the highest mean level of BMI, c-reactive protein and cardiac function (cardiac troponin T). Treated hypertensive men with SUA levels>410μmol/L showed an increase in risk of HF of more than twofold compared to those on treatment with levels <350μmol/L even after adjustment for lifestyle characteristics and biological risk factors [adjusted hazard ratio 2.26 (1.23,4.15)]. SUA improved prediction of HF beyond routine conventional risk factors (p=0.02 for improvement in c-statistics). SUA as a marker of increased xanthine oxidase activity may be a useful prognostic marker for HF risk in older men on antihypertensive treatment

Downwind Coning Concept Rotor for a 25 MW Offshore Wind Turbine

The size of offshore wind turbines over the next decade is expected to continually increase due to reduced balance of station costs per MW and also the higher wind energy at increased altitudes that can lead to higher capacity factors. However, there are challenges that may limit the degree of upscaling which is possible. In this paper, a two-bladed downwind turbine system is upscaled from 13.2 MW to 25 MW, by redesigning aerodynamics, structures, and controls. In particular, three 25 MW rotors have been developed: V1 is the upscaled model, V2 is a partial redesigned model, and V3 is a fully redesigned model. Despite their radically large sizes, it is found that these 25 MW turbine rotors satisfy this limited set of design drivers at the rated condition and that larger blade lengths are possible with cone-wise load-alignment. In addition, flapwise morphing (varying the cone angle with a wind-speed schedule) is investigated in terms of minimizing mean and fluctuating root bending loads using steady inflow proxies for the maximum and damage equivalent load moments. The resulting series of 25 MW rotors, which are the largest ever designed, can be a useful baseline for further development and assessment. </div

Single-molecule imaging reveals receptor-G protein interactions at cell surface hot spots

G-protein-coupled receptors mediate the biological effects of many hormones and neurotransmitters and are important pharmacological targets. They transmit their signals to the cell interior by interacting with G proteins. However, it is unclear how receptors and G proteins meet, interact and couple. Here we analyse the concerted motion of G-protein-coupled receptors and G proteins on the plasma membrane and provide a quantitative model that reveals the key factors that underlie the high spatiotemporal complexity of their interactions. Using two-colour, single-molecule imaging we visualize interactions between individual receptors and G proteins at the surface of living cells. Under basal conditions, receptors and G proteins form activity-dependent complexes that last for around one second. Agonists specifically regulate the kinetics of receptor-G protein interactions, mainly by increasing their association rate. We find hot spots on the plasma membrane, at least partially defined by the cytoskeleton and clathrin-coated pits, in which receptors and G proteins are confined and preferentially couple. Imaging with the nanobody Nb37 suggests that signalling by G-protein-coupled receptors occurs preferentially at these hot spots. These findings shed new light on the dynamic interactions that control G-protein-coupled receptor signalling

Mutations in GDP-mannose pyrophosphorylase b cause congenital and limb-girdle muscular dystrophies associated with hypoglycosylation of α-dystroglycan

Congenital muscular dystrophies with hypoglycosylation of α-dystroglycan (α-DG) are a heterogeneous group of disorders often associated with brain and eye defects in addition to muscular dystrophy. Causative variants in 14 genes thought to be involved in the glycosylation of α-DG have been identified thus far. Allelic mutations in these genes might also cause milder limb-girdle muscular dystrophy phenotypes. Using a combination of exome and Sanger sequencing in eight unrelated individuals, we present evidence that mutations in guanosine diphosphate mannose (GDP-mannose) pyrophosphorylase B (GMPPB) can result in muscular dystrophy variants with hypoglycosylated α-DG. GMPPB catalyzes the formation of GDP-mannose from GTP and mannose-1-phosphate. GDP-mannose is required for O-mannosylation of proteins, including α-DG, and it is the substrate of cytosolic mannosyltransferases. We found reduced α-DG glycosylation in the muscle biopsies of affected individuals and in available fibroblasts. Overexpression of wild-type GMPPB in fibroblasts from an affected individual partially restored glycosylation of α-DG. Whereas wild-type GMPPB localized to the cytoplasm, five of the identified missense mutations caused formation of aggregates in the cytoplasm or near membrane protrusions. Additionally, knockdown of the GMPPB ortholog in zebrafish caused structural muscle defects with decreased motility, eye abnormalities, and reduced glycosylation of α-DG. Together, these data indicate that GMPPB mutations are responsible for congenital and limb-girdle muscular dystrophies with hypoglycosylation of α-DG. © 2013 The American Society of Human Genetics.Funding for UK10K was provided by the Wellcome Trust under award WT091310