    Analysis of RMAC

    Salvaging Weak Security Bounds for Blockcipher-Based Constructions

    The concrete security bounds for some blockcipher-based constructions sometimes become worrisome or even vacuous; for example, when a light-weight blockcipher is used, when large amounts of data are processed, or when a large number of connections need to be kept secure. Rotating keys helps, but introduces a ``hybrid factor'' m equal to the number of keys used. In such instances, analysis in the ideal-cipher model (ICM) can give a sharper picture of security, but this heuristic is called into question when cryptanalysis of the real-world blockcipher reveals weak keys, related-key attacks, etc. To address both concerns, we introduce a new analysis model, the ideal-cipher model under key-oblivious access (ICM-KOA). Like the ICM, the ICM-KOA can give sharp security bounds when standard-model bounds do not. Unlike the ICM, results in the ICM-KOA are less brittle to current and future cryptanalytic results on the blockcipher used to instantiate the ideal cipher. Also, results in the ICM-KOA immediately imply results in the ICM _and_ the standard model, giving multiple viewpoints on a construction with a single effort. The ICM-KOA provides a conceptual bridge between ideal ciphers and tweakable blockciphers (TBC): blockcipher-based constructions secure in the ICM-KOA have TBC-based analogs that are secure under standard-model TBC security assumptions. Finally, the ICM-KOA provides a natural framework for analyzing blockcipher key-update strategies that use the blockcipher to derive the new key. This is done, for example, in the NIST CTR-DRBG and in the hardware RNG that ships on Intel chips.

    Association of Carotid Plaque Lp-PLA2 with Macrophages and Chlamydia pneumoniae Infection among Patients at Risk for Stroke

    BACKGROUND: We previously showed that the burden of Chlamydia pneumoniae in carotid plaques was significantly associated with plaque interleukin (IL)-6, and serum IL-6 and C-reactive protein (CRP), suggesting that infected plaques contribute to systemic inflammatory markers in patients with stroke risk. Since lipoprotein-associated phospholipase A2 (Lp-PLA(2)) mediates inflammation in atherosclerosis, we hypothesized that serum Lp-PLA(2) mass and activity levels and plaque Lp-PLA(2) may be influenced by plaque C. pneumoniae infection. METHODOLOGY/PRINCIPAL FINDINGS: Forty-two patients underwent elective carotid endarterectomy. Tissue obtained at surgery was stained by immunohistochemistry for Lp-PLA(2) grade, macrophages, IL-6, C. pneumoniae and CD4+ and CD8+ cells. Serum Lp-PLA(2) activity and mass were measured using the colorimetric activity method (CAM) and ELISA, respectively. Serum homocysteine levels were measured by HPLC. Eleven (26.2%) patients were symptomatic with transient ischemic attacks. There was no correlation between patient risk factors (smoking, coronary artery disease, elevated cholesterol, diabetes, obesity, hypertension and family history of genetic disorders) for atherosclerosis and serum levels or plaque grade for Lp-PLA(2). Plaque Lp-PLA(2) correlated with serum homocysteine levels (p = 0.013), plaque macrophages (p<0.01), and plaque C. pneumoniae (p<0.001), which predominantly infected macrophages, co-localizing with Lp-PLA(2). CONCLUSIONS: The significant association of plaque Lp-PLA(2) with plaque macrophages and C. pneumoniae suggests an interactive role in accelerating inflammation in atherosclerosis. A possible mechanism for C. pneumoniae in the atherogenic process may involve infection of macrophages that induce Lp-PLA(2) production leading to upregulation of inflammatory mediators in plaque tissue. Additional in vitro and in vivo research will be needed to advance our understanding of specific C. pneumoniae and Lp-PLA(2) interactions in atherosclerosis.

    Modelling of the effect of ELMs on fuel retention at the bulk W divertor of JET

    The effect of ELMs on fuel retention at the bulk W target of the JET ITER-Like Wall was studied with multi-scale calculations. Plasma input parameters were taken from an ELMy H-mode plasma experiment. The energetic intra-ELM fuel particles get implanted and create near-surface defects up to depths of a few tens of nm, which act as the main fuel trapping sites during ELMs. Clustering of implantation-induced vacancies was found to take place. The incoming flux of inter-ELM plasma particles increases the different filling levels of trapped fuel in defects. The temperature increase of the W target during the pulse increases the fuel detrapping rate. The inter-ELM fuel particle flux refills the partially emptied trapping sites and fills new sites. This leads to a competing effect on the retention and release rates of the implanted particles. At high temperatures the main retention appeared in larger vacancy clusters due to the increased clustering rate.

    Sigma protocols for MQ, PKP and SIS, and fishy signature schemes

    This work presents sigma protocols to prove knowledge of: a solution to a system of quadratic polynomials, a solution to an instance of the Permuted Kernel Problem, and a witness for a variety of lattice statements (including SIS). Our sigma protocols have soundness error 1/q', where q' is any number bounded by the size of the underlying finite field. This is much better than existing proofs, which have soundness error 2/3 or (q'+1)/2q'. The prover and verifier times of our proofs are O(q'). We achieve this by first constructing so-called sigma protocols with helper, which are sigma protocols where the prover and the verifier are assisted by a trusted third party, and then eliminating the helper from the proof with a cut-and-choose protocol. We apply the Fiat-Shamir transform to obtain signature schemes with a security proof in the QROM. We show that the resulting signature schemes, which we call the MUltivariate quaDratic FIat-SHamir scheme (MUDFISH) and the ShUffled Solution to Homogeneous linear SYstem FIat-SHamir scheme (SUSHSYFISH), are more efficient than existing signatures based on the MQ problem and the Permuted Kernel Problem. Our proof system can be used to improve the efficiency of applications relying on (generalizations of) Stern's protocol. We show that the proof size of our SIS proof is smaller than that of Stern's protocol by an order of magnitude and that our proof is more efficient than existing post-quantum secure SIS proofs.