Full Security:Fuzzy Identity Based Encryption

At EUROCRYPT 2005, Sahai and Waters presented the Fuzzy Identity Based Encryption (Fuzzy-IBE) which could be used for biometrics and attribute-based encryption in the selective-identity model. When a secure Fuzzy-IBE scheme in the selective-identity model is transformed to full identity model it exist an exponential loss of security. In this paper, we use the CPA secure Gentry\u27s IBE (exponent inversion IBE) to construct the first Fuzzy IBE that is fully secure without random oracles. In addition, the same technique is used to the modification of CCA secure Gentry\u27s IBE which introduced by Kiltz and Vahlis to get the CCA secure Fuzzy IBE in the full-identity model

Theoretical study of small signal modulation behavior of Fabry-Perot Germanium-on-Silicon lasers

This work investigated the small signal performance of Fabry-Perot Ge-on-Si lasers by modeling and simulations. The 3dB bandwidth dependence on the structure parameters such as poly-Si cladding thickness, Ge cavity width and thickness, and minority carrier lifetime were studied. A 3dB bandwidth of 33.94 GHz at a biasing current of 270.5 mA is predicted after Ge laser structure optimization with a defect limited carrier lifetime of 1 ns

On the Way to SBOMs: Investigating Design Issues and Solutions in Practice

Software Bill of Materials (SBOM), offers improved transparency and supply chain security by providing a machine-readable inventory of software components used. With the rise in software supply chain attacks, the SBOM has attracted attention from both academia and industry. This paper presents a study on the practice of SBOM, based on the analysis of 4,786 GitHub discussions from 510 SBOM-related projects. Our study identifies key topics, challenges, and solutions associated with effective SBOM usage. We also highlight commonly used tools and frameworks for generating SBOMs, along with their respective strengths and limitations. Our research underscores the importance of SBOMs in software development and the need for their widespread adoption to enhance supply chain security. Additionally, the insights gained from our study can inform future research and development in this field

Making Python Code Idiomatic by Automatic Refactoring Non-Idiomatic Python Code with Pythonic Idioms

Compared to other programming languages (e.g., Java), Python has more idioms to make Python code concise and efficient. Although pythonic idioms are well accepted in the Python community, Python programmers are often faced with many challenges in using them, for example, being unaware of certain pythonic idioms or do not know how to use them properly. Based on an analysis of 7,638 Python repositories on GitHub, we find that non-idiomatic Python code that can be implemented with pythonic idioms occurs frequently and widely. Unfortunately, there is no tool for automatically refactoring such non-idiomatic code into idiomatic code. In this paper, we design and implement an automatic refactoring tool to make Python code idiomatic. We identify nine pythonic idioms by systematically contrasting the abstract syntax grammar of Python and Java. Then we define the syntactic patterns for detecting non-idiomatic code for each pythonic idiom. Finally, we devise atomic AST-rewriting operations and refactoring steps to refactor non-idiomatic code into idiomatic code. We test and review over 4,115 refactorings applied to 1,065 Python projects from GitHub, and submit 90 pull requests for the 90 randomly sampled refactorings to 84 projects. These evaluations confirm the high-accuracy, practicality and usefulness of our refactoring tool on real-world Python code. Our refactoring tool can be accessed at 47.242.131.128:5000.Comment: 12 pages, accepted to ESEC/FSE'202

Trust in Software Supply Chains: Blockchain-Enabled SBOM and the AIBOM Future

Software Bill of Materials (SBOM) serves as a critical pillar in ensuring software supply chain security by providing a detailed inventory of the components and dependencies integral to software development. However, challenges abound in the sharing of SBOMs, including potential data tampering, hesitation among software vendors to disclose comprehensive information, and bespoke requirements from software procurers or users. These obstacles have stifled widespread adoption and utilization of SBOMs, underscoring the need for a more secure and flexible mechanism for SBOM sharing. This study proposes a novel solution to these challenges by introducing a blockchain-empowered approach for SBOM sharing, leveraging verifiable credentials to allow for selective disclosure. This strategy not only heightens security but also offers flexibility. Furthermore, this paper broadens the remit of SBOM to encompass AI systems, thereby coining the term AI Bill of Materials (AIBOM). This extension is motivated by the rapid progression in AI technology and the escalating necessity to track the lineage and composition of AI software and systems. Particularly in the era of foundational models like large language models (LLMs), understanding their composition and dependencies becomes crucial. These models often serve as a base for further development, creating complex dependencies and paving the way for innovative AI applications. The evaluation of our solution indicates the feasibility and flexibility of the proposed SBOM sharing mechanism, positing a new solution for securing (AI) software supply chains

Enhancing plant resilience: arbuscular mycorrhizal fungi’s role in alleviating drought stress in vegetation concrete

IntroductionDrought stress usually inhibits plant growth, which may increase the difficulty of greening slopes.MethodsIn this study, we systematically investigated the effects of arbuscular mycorrhizal (AM) fungi on the growth and drought tolerance of two plant species, Festuca elata and Cassia glauca, in a vegetation concrete environment by exogenously inoculating AM fungi and setting three drought levels: well water, moderate drought and severe drought. The results showed that plant growth was significantly inhibited under drought stress; however, AM fungi inoculation significantly promoted plant height, root length, and above- and belowground biomass in these two plant species.ResultsCompared with, those in the CK treatment, the greatest increases in the net photosynthesis rate, stomatal conductance and transpiration rate in the AM treatment group were 36.72%, 210.08%, and 66.41%, respectively. Moreover, inoculation with AM fungi increased plant superoxide dismutase and catalase activities by 4.70–150.73% and 9.10–95.70%, respectively, and reduced leaf malondialdehyde content by 2.79–55.01%, which alleviated the damage caused by oxidative stress. These effects alleviated the damage caused by oxidative stress and increased the content of soluble sugars and soluble proteins in plant leaves by 1.52–65.44% and 4.67–97.54%, respectively, which further increased the drought adaptability of plants. However, inoculation with AM fungi had different effects on different plants.ConclusionIn summary, this study demonstrated that the inoculation of AM fungi in vegetation concrete environments can significantly increase plant growth and drought tolerance. The plants that formed a symbiotic structure with AM fungi had a larger root uptake area, greater water uptake capacity, and greater photosynthesis and gas exchange efficiency. In addition, AM fungi inoculation further increased the drought adaptability of the plants by increasing their antioxidant enzyme activity and regulating their metabolite content. These findings are highly important for promoting plant growth and increasing drought tolerance under drought conditions, especially for potential practical applications in areas such as slope protection, and provide useful references for future ecological engineering and sustainable development

Towards a Responsible AI Metrics Catalogue: A Collection of Metrics for AI Accountability

Artificial Intelligence (AI), particularly through the advent of large-scale generative AI (GenAI) models such as Large Language Models (LLMs), has become a transformative element in contemporary technology. While these models have unlocked new possibilities, they simultaneously present significant challenges, such as concerns over data privacy and the propensity to generate misleading or fabricated content. Current frameworks for Responsible AI (RAI) often fall short in providing the granular guidance necessary for tangible application, especially for Accountability-a principle that is pivotal for ensuring transparent and auditable decision-making, bolstering public trust, and meeting increasing regulatory expectations. This study bridges the accountability gap by introducing our effort towards a comprehensive metrics catalogue, formulated through a systematic multivocal literature review (MLR) that integrates findings from both academic and grey literature. Our catalogue delineates process metrics that underpin procedural integrity, resource metrics that provide necessary tools and frameworks, and product metrics that reflect the outputs of AI systems. This tripartite framework is designed to operationalize Accountability in AI, with a special emphasis on addressing the intricacies of GenAI