132 research outputs found
Multislice Electron Tomography using 4D-STEM
Electron tomography offers important three-dimensional (3D) structural
information which cannot be observed by two-dimensional imaging. By combining
annular dark field scanning transmission electron microscopy (ADF-STEM) with
aberration correction, the resolution of electron tomography has reached atomic
resolution. However, tomography based on ADF-STEM inherently suffers from
several issues, including a high electron dose requirement, poor contrast for
light elements, and artifacts from image contrast nonlinearity. Here, we
developed a new method called MultiSlice Electron Tomography (MSET) based on
4D-STEM tilt series. Our simulations show that multislice-based 3D
reconstruction can effectively reduce undesirable reconstruction artifacts from
the nonlinear contrast, allowing precise determination of atomic structures
with improved sensitivity for low-Z elements, at considerably low electron dose
conditions. We expect that the MSET method can be applied to a wide variety of
materials, including radiation-sensitive samples and materials containing light
elements whose 3D atomic structures have never been fully elucidated due to
electron dose limitations or nonlinear imaging contrast.
Comment: 26 pages, 9 figures
Functional Bootstrapping for FV-style Cryptosystems
Fully Homomorphic Encryption (FHE) enables the computation of an arbitrary function over encrypted data without decrypting them. In particular, bootstrapping is a core building block of FHE which reduces the noise of a ciphertext thereby recovering the computational capability.
This paper introduces a new bootstrapping framework for the Fan-Vercauteren (FV) scheme, called the functional bootstrapping, providing more generic and advanced functionality than the ordinary bootstrapping method. More specifically, the functional bootstrapping allows us to evaluate an arbitrary function while removing the error of an input ciphertext. Therefore, we achieve better depth consumption and computational complexity as the evaluation of a circuit can be integrated as part of the functional bootstrapping procedure. In particular, our approach extends the functionality of FV since it is even applicable to functions between different plaintext spaces.
At the heart of our functional bootstrapping framework is a homomorphic Look-Up Table (LUT) evaluation method where we represent any LUT using only the operations supported by the FV scheme. Finally, we provide a proof-of-concept implementation and present benchmarks of the functional bootstrapping. In concrete examples, such as delta and sign functions, our functional bootstrapping takes about 46.5s or 171.4s for 9-bit or 13-bit plaintext modulus, respectively.
Faster TFHE Bootstrapping with Block Binary Keys
Fully Homomorphic Encryption over the Torus (TFHE) is a homomorphic encryption scheme which supports efficient Boolean operations over encrypted bits. TFHE has a unique feature in that the evaluation of each binary gate is followed by a bootstrapping procedure to refresh the noise of a ciphertext. In particular, this gate bootstrapping involves two algorithms called the blind rotation and key-switching.
In this work, we introduce several optimization techniques for the TFHE bootstrapping. We first define a new key distribution, called the block binary distribution, where the secret key can be expressed as a concatenation of several vectors of Hamming weight at most one. We analyze the hardness of (Ring) LWE with a block binary secret and provide candidate parameter sets which are secure against the best-known attacks. Then, we use the block key structure to simplify the inner working of blind rotation and reduce its complexity. We also modify the RLWE key generation and the gadget decomposition method to improve the performance of the key-switching algorithm in terms of complexity and noise growth.
Finally, we use the TFHE library to implement our algorithms and demonstrate their benchmarks.
Our experimentation shows that the execution time of TFHE bootstrapping is reduced from 10.5ms down to 6.4ms under the same security level, and the size of the bootstrapping key decreases from 109MB to 60MB.
Toward Practical Lattice-based Proof of Knowledge from Hint-MLWE
In the last decade, zero-knowledge proof of knowledge protocols have been extensively studied to achieve active security of various cryptographic protocols. However, the existing solutions simply seek zero-knowledge for both message and randomness, which is an overkill in many applications since protocols may remain secure even if some information about randomness is leaked to the adversary.
We develop this idea to improve the state-of-the-art proof of knowledge protocols for RLWE-based public-key encryption and BDLOP commitment schemes. In a nutshell, we present new proof of knowledge protocols without using noise flooding or rejection sampling which are provably secure under a computational hardness assumption, called Hint-MLWE. We also show an efficient reduction from Hint-MLWE to the standard MLWE assumption.
Our approach enjoys the best of two worlds because it has no computational overhead from repetition (abort) and achieves a polynomial overhead between the honest and proven languages. We prove this claim by demonstrating concrete parameters and compare with previous results. Finally, we explain how our idea can be further applied to other proof of knowledge providing advanced functionality.
A Unified Framework of Homomorphic Encryption for Multiple Parties with Non-Interactive Setup
The standard Homomorphic Encryption (HE) poses an authority issue when multiple parties are involved, as the authority is concentrated solely in whoever owns the (single) secret key.
To solve this issue, variants of HE have emerged in the context of multiple parties, resulting in the development of two different lines of HE schemes -- Multi-Party HE (MPHE) and Multi-Key HE (MKHE).
MPHE schemes tend to be much more efficient; but require the interaction between parties in the key generation and the set of parties is fixed throughout the entire evaluation. On the other hand, MKHE schemes have poor scaling with the number of parties but allow us to add new parties to the joint computation anytime.
In this work, we construct the first MPHE scheme that features a non-interactive key generation.
We refactor the evaluation key to be nearly linear, allowing it to be computed by simple summation. As a result, our MPHE allows each party to independently and asynchronously broadcast its key.
In addition, we propose a new HE primitive, called Multi-Group HE (MGHE). Stated informally, an MGHE scheme provides seamless integration between MPHE and MKHE, and combines the best of both these primitives. In an MGHE scheme, a group of parties generates a public key jointly which results in compact ciphertexts and efficient homomorphic operations, similar to MPHE. However, unlike MPHE, it also supports computations on encrypted data under different keys, a property enjoyed by MKHE schemes.
We present a construction of MGHE from the BFV scheme and provide a proof-of-concept implementation to demonstrate its concrete performance.
Finally, we describe a general approach to construct a multi-party protocol from MGHE. We provide a proof-of-concept implementation of a logistic regression model where our MGHE interpolates between MPHE (where the training is performed) and MKHE (where the inference is performed).
Accelerating HE Operations from Key Decomposition Technique
Lattice-based homomorphic encryption (HE) schemes are based on the noisy encryption technique, where plaintexts are masked with some random noise for security. Recent advanced HE schemes rely on a decomposition technique to manage the growth of noise, which involves a conversion of a ciphertext entry into a short vector followed by multiplication with an evaluation key. Prior to this work, the decomposition procedure turns out to be the most time-consuming part, as it requires discrete Fourier transforms (DFTs) over the base ring for efficient polynomial arithmetic. In this paper, an expensive decomposition operation over a large modulus is replaced with relatively cheap operations over a ring of integers with a small bound. Notably, the cost of DFTs is reduced from quadratic to linear with the level of a ciphertext without any extra noise growth. We demonstrate the implication of our approach by applying it to the key-switching procedure. Our experiments show that the new key-switching method achieves a speedup of 1.2--2.3 or 2.1--3.3 times over the previous method, when the dimension of a base ring is or , respectively
Selective Dissolution Characteristics of 26Cr-7Ni-2.5Mo-3W Duplex Stainless Steel in H2SO4/HCl Mixed Solution
Selective dissolution of hyper duplex stainless steel was studied by potentiodynamic and potentiostatic tests in various concentrations of H2SO4/HCl solutions at various temperatures. There were two peaks in the active-to-passive transition region in the potentiodynamic test in 2 M H2SO4 + 0.5 M HCl solution at 60 °C. In potentiostatic tests, the curve at −340 mV showed stable current density. As the potential increased, the current density increased, and above −310 mV there was a much longer initial period of nonsteady current value. As the potential reached −280 mV, the current density started to stabilize, and it was completely stabilized at −250 mV. It was found that preferential dissolution of the ferrite phase occurred at −330 mV and, with the increase of potential, the austenite phase was corroded at a high rate. On the other hand, both phases were passivated at potentials above −270 mV, so that selective dissolution was absent.
Correlation between low skeletal muscle index and 3D anthropometric data measured by 3D body scanner: screening sarcopenia
Background: The screening tools for sarcopenia are measuring calf circumference, SARC-F or SPPB. However, not all of these tools have high sensitivity, specificity, and low margins of error. This research investigates the potential of 3D anthropometry of the lower extremities for screening of sarcopenia. Methods: From October 2022 to February 2023, we retrospectively analyzed results of 3D body scanner and bio-impedance analysis for patients aged 45 to 85 at risk of sarcopenia. The 3D scanner measured the surface and volume values of both thighs and calves. When skeletal muscle index (SMI) was less than 5.7, patients were classified into the Low SMI group, indicative of sarcopenia. Results: A total of six out of 62 patients were classified into the Low SMI group, showing significantly lower values of right, left, mean calf volumes and mean calf surface than the other patients (right calf volume 2.62 L vs. 3.34 L, p = 0.033; left calf volume 2.62 L vs. 3.25 L, p = 0.044; mean calf volume 2.62 L vs. 3.29 L, p = 0.029; mean calf surface 0.12 m² vs. 0.13 m², p = 0.049). There was no statistical difference in thigh volume and surface. Through AUC-ROC analysis, mean calf volume was the most significant cut-off value (right calf volume 2.80 L, AUC = 0.768; left calf volume 2.75 L, AUC = 0.753; mean calf volume 3.06 L, AUC = 0.774; mean calf surface 0.12 m², AUC = 0.747). Conclusion: The calf volume and surface values have a significant relationship with low SMI, and the mean calf volume was the most significant cut-off screening value for Low SMI. The 3D scanner demonstrated its value as a new means for screening sarcopenia.
Lizard: Cut off the Tail! Practical Post-Quantum Public-Key Encryption from LWE and LWR
The LWE problem has been widely used in many constructions for post-quantum cryptography due to its strong security reduction from the worst-case of lattice hard problems and its lightweight operations. The PKE schemes based on the LWE problem have a simple and fast decryption, but the encryption phase is rather slow due to large parameter size for the leftover hash lemma or expensive Gaussian samplings.
In this paper, we propose a novel PKE scheme, called Lizard, without relying on either of them. The encryption procedure of Lizard first combines several LWE samples as in the previous LWE-based PKEs, but the following step to re-randomize this combination before adding a plaintext is different: it removes several least significant bits of each component of the computed vector rather than adding an auxiliary error vector. Lizard is IND-CPA secure under the hardness assumptions of the LWE and LWR problems, and its variant achieves IND-CCA security in the quantum random oracle model.
Our approach accelerates encryption speed to a large extent and also reduces the size of ciphertexts, and Lizard is very competitive for applications requiring fast encryption and decryption phases. In our single-core implementation on a laptop, the encryption and decryption of IND-CCA Lizard with 256-bit plaintext space under 128-bit quantum security take 0.014 and 0.027 milliseconds, which are comparable to those of NTRU. To achieve these results, we further take some advantages of sparse small secrets.