23 research outputs found

    Automated Symbolic Verification of Telegram's MTProto 2.0

    MTProto 2.0 is a suite of cryptographic protocols for instant messaging at the core of the popular Telegram messenger application. In this paper we analyse MTProto 2.0 using the symbolic verifier ProVerif. We provide fully automated proofs of the soundness of MTProto 2.0's authentication, normal chat, end-to-end encrypted chat, and rekeying mechanisms with respect to several security properties, including authentication, integrity, secrecy and perfect forward secrecy; at the same time, we discover that the rekeying protocol is vulnerable to an unknown key-share (UKS) attack. We proceed in an incremental way: each protocol is examined in isolation, relying only on the guarantees provided by the previous ones and the robustness of the basic cryptographic primitives. Our research proves the formal correctness of MTProto 2.0 w.r.t. most relevant security properties, and it can serve as a reference for implementation and analysis of clients and servers. Comment: 19 pages

    User Requirements and Relational Modelling for a Non-Theatrical Cinema and Video-Art Cataloguing System

    We describe an ongoing effort to design and implement a computerized cataloguing system for a laboratory dedicated to the restoration and archiving of non-theatrical cinema and video art. The goal is to evolve the current information system taking into account three different aspects: (i) national and international standards and workflows concerning preservation, cataloguing and archiving of film and contemporary art; (ii) specific needs emerging by daily experimentation in film and video restoration practice; (iii) the interoperability with film archives and contemporary art museums. A flexible conceptual Relational model based on Codd's RM/T is proposed as a first step towards the development of a system meeting the unique requirements of non-feature films and videos.

    Attribute selection via multi-objective evolutionary computation applied to multi-skill contact center data classification

    Attribute or feature selection is one of the basic strategies to improve the performances of data classification tasks, and, at the same time to reduce the complexity of classifiers, and it is a particularly fundamental one when the number of attributes is relatively high. Evolutionary computation has already proven itself to be a very effective choice to consistently reduce the number of attributes towards a better classification rate and a simpler semantic interpretation of the inferred classifiers. We propose the application of the multi-objective evolutionary algorithm ENORA to the task of feature selection for multi-class classification of data extracted from an integrated multi-channel multi-skill contact center, which include technical, service and central data for each session. Additionally, we propose a methodology to integrate feature selection for classification, model evaluation, and decision making to choose the most satisfactory model according to an "a posteriori" process in a multi-objective context. We check out our results by comparing the performance and the classification rate against the well-known multi-objective evolutionary algorithm NSGA-II. Finally, the best obtained solution is validated by a data expert’s semantic interpretation of the classifier.

    Automated verification of Telegram’s MTProto 2.0 in the symbolic model

    MTProto 2.0 is the suite of security protocols for instant messaging at the core of the popular Telegram messenger application. In this paper we analyse MTProto 2.0 using ProVerif, a state-of-the-art symbolic security protocol verifier based on the Dolev–Yao model. We provide the first formal symbolic model of MTProto 2.0; in this model, we provide fully automated proofs of the soundness of authentication, normal chat, end-to-end encrypted chat, and rekeying mechanisms with respect to several security properties, including authentication, integrity, secrecy and perfect forward secrecy. At the same time, we discover that the rekeying protocol is vulnerable to an unknown key-share (UKS) attack. To achieve these results, we proceed in an incremental way: each protocol is examined in isolation, relying only on the guarantees provided by the previous ones and the robustness of the basic cryptographic primitives. The importance of this research is threefold. First, it proves the formal correctness of MTProto 2.0 with respect to most relevant security properties. Secondly, we isolate the aspects of cryptographic primitives that escape the symbolic model and thus require further investigation in the computational model. Finally, our modelisation can serve as a reference for the implementation and analysis of clients and servers

    A Conservative Approach for Describing Cancer Progression

    The field of tumor phylogenetics focuses on studying the differences within cancer cell populations and many efforts are done within the scientific community to build cancer progression models trying to understand the heterogeneity of such diseases. These models are highly dependent on the kind of data used for their construction and, as the experimental technologies evolve, it is of major importance to exploit their peculiarities. In this work we describe a cancer progression model based on Single Cell DNA Sequencing data. When constructing the model, we focus on tailoring the formalism on the specificity of the data, by defining a minimal set of assumptions to reconstruct a flexible DAG structured model, capable of identifying progression beyond the limitation of the infinite site assumption. We provide simulations and analytical results to show the features of our model, test it on real data, show how it can be integrated with other approaches to cope with input noise. Moreover, our framework can be exploited to produce simulated data that follows our theoretical assumptions. Finally, we provide an open source R implementation of our approach that is publicly available on BioConductor

    Decidability of Interval Temporal Logics over Split-Frames via Granularity

    Abstract. Logics for time intervals provide a natural framework for representing and reasoning about timing properties in various areas of artificial intelligence and computer science. Unfortunately, most interval temporal logics proposed in the literature have been shown to be (highly) undecidable. Decidable fragments of these logics have been obtained by imposing severe restrictions on their expressive power. In this paper, we propose a new interval temporal logic, called Split Logic, which is equipped with operators borrowed from other interval temporal logics, but is interpreted over specific interval structures based on a layered view of the temporal domain. We show that there exists a straightforward correspondence between Split Logic and the first-order fragments of the monadic theories of time granularity proposed in the literature. This connection allows us to transfer existing decidability results for such theories to Split Logic.

    Games on Strings with a Limited Order Relation

    In this paper, we show how Ehrenfeucht-Fraïssé games can be successfully exploited to compare (finite) strings. More precisely, we give necessary and sufficient conditions for Spoiler/Duplicator to win games played on finite structures with a limited order relation, that lies in between the successor relation and the usual (linear) order relation, and a finite number of unary predicates. On the basis of such conditions, we outline a polynomial (in the size of the input strings) algorithm to compute the "remoteness" of a game and to determine the optimal strategies/moves for both players.

    Structured motifs search

    In this paper, we describe an algorithm for the localization of structured models, i.e. sequences of (simple) motifs and distance constraints. It basically combines standard pattern matching procedures with a constraint satisfaction solver, and it has the ability, not present in similar tools, to search for partial matches. A significant feature of our approach, especially in terms of efficiency for the application context, is that the (potentially) exponentially many solutions to the considered problem are represented in compact form as a graph. Moreover, the time and space necessary to build the graph are linear in the number of occurrences of the component patterns