GenePING: secure, scalable management of personal genomic data

BACKGROUND: Patient genomic data are rapidly becoming part of clinical decision making. Within a few years, full genome expression profiling and genotyping will be affordable enough to perform on every individual. The management of such sizeable, yet fine-grained, data in compliance with privacy laws and best practices presents significant security and scalability challenges. RESULTS: We present the design and implementation of GenePING, an extension to the PING personal health record system that supports secure storage of large, genome-sized datasets, as well as efficient sharing and retrieval of individual datapoints (e.g. SNPs, rare mutations, gene expression levels). Even with full access to the raw GenePING storage, an attacker cannot discover any stored genomic datapoint on any single patient. Given a large-enough number of patient records, an attacker cannot discover which data corresponds to which patient, or even the size of a given patient's record. The computational overhead of GenePING's security features is a small constant, making the system usable, even in emergency care, on today's hardware. CONCLUSION: GenePING is the first personal health record management system to support the efficient and secure storage and sharing of large genomic datasets. GenePING is available online at , licensed under the LGPL

What Are the Benefits and Risks of Fitting Patients with Radiofrequency Identification Devices

Background to the debate: In 2004, the United States Food and Drug Administration approved a radiofrequency identification (RFID) device that is implanted under the skin of the upper arm of patients and that stores the patient's medical identifier. When a scanner is passed over the device, the identifier is displayed on the screen of an RFID reader. An authorized health professional can then use the identifier to access the patient's clinical information, which is stored in a separate, secure database. Such RFID devices may have many medical benefits—such as expediting identification of patients and retrieval of their medical records. But critics of the technology have raised several concerns, including the risk of the patient's identifying information being used for nonmedical purposes

Efficient Receipt-Free Ballot Casting Resistant to Covert Channels

We present an efficient, covert-channel-resistant, receipt-free ballot casting scheme that can be used by humans without trusted hardware. In comparison to the recent Moran-Naor proposal, our scheme produces a significantly shorter ballot, prevents covert channels in the ballot, and opts for statistical soundness rather than everlasting privacy (achieving both seems impossible). The human interface remains the same, based on Neff\u27s MarkPledge scheme, and requires of the voter only short-string operations

DEMOS-2:scalable E2E verifiable elections without random oracles

Recently, Kiayias, Zacharias and Zhang-proposed a new E2E verifiable e-voting system called 'DEMOS' that for the first time provides E2E verifiability without relying on external sources of randomness or the random oracle model; the main advantage of such system is in the fact that election auditors need only the election transcript and the feedback from the voters to pronounce the election process unequivocally valid. Unfortunately, DEMOS comes with a huge performance and storage penalty for the election authority (EA) compared to other e-voting systems such as Helios. The main reason is that due to the way the EA forms the proof of the tally result, it is required to {\em precompute} a number of ciphertexts for each voter and each possible choice of the voter. This approach clearly does not scale to elections that have a complex ballot and voters have an exponential number of ways to vote in the number of candidates. The performance penalty on the EA appears to be intrinsic to the approach: voters cannot compute an enciphered ballot themselves because there seems to be no way for them to prove that it is a valid ciphertext. In contrast to the above, in this work, we construct a new e-voting system that retains the strong E2E characteristics of DEMOS (but against computational adversaries) while completely eliminating the performance and storage penalty of the EA. We achieve this via a new cryptographic construction that has the EA produce and prove, using voters' coins, the security of a common reference string (CRS) that voters subsequently can use to affix non-interactive zero-knowledge (NIZK) proofs to their ciphertexts. The EA itself uses the CRS to prove via a NIZK the tally correctness at the end. Our construction has similar performance to Helios and is practical. The privacy of our construction relies on the SXDH assumption over bilinear groups via complexity leveraging

Voting: You Can’t Have Privacy without Individual Verifiability

International audienceElectronic voting typically aims at two main security goals: vote privacy and verifiability. These two goals are often seen as antagonistic and some national agencies even impose a hierarchy between them: first privacy, and then verifiability as an additional feature. Verifiability typically includes individual verifiability (a voter can check that her ballot is counted); universal verifiability (anyone can check that the result corresponds to the published ballots); and eligibility verifiability (only legitimate voters may vote). We show that actually, privacy implies individual verifiability. In other words, systems without individual verifiability cannot achieve privacy (under the same trust assumptions). To demonstrate the generality of our result, we show this implication in two different settings, namely cryptographic and symbolic models, for standard notions of privacy and individual verifiability. Our findings also highlight limitations in existing privacy definitions in cryptographic settings

A two authorities electronic vote scheme

[EN] In this paper we propose a new electronic multi-authority voting system based on blind signatures. We focus on the open problem of the efficiency of electronic voting systems. Most of the proposed systems rely on complex architectures or expensive proofs, in this work we aim to reduce the time-complexity of the voting process, both for the voter and the authorities involved. Our system is focused on simplicity and it is based on the assumption of two unrelated entities. This simplicity makes our approach scalable and flexible to multiple kinds of elections. We propose a method that limits the number of authorities to only 2 of them; we reduce the overall number of modular operations; and, propose a method which cut downs the interactions needed to cast a vote. The result is a voting protocol whose complexity scales linearly with the number of votes.Larriba-Flor, AM.; Sempere Luna, JM.; López Rodríguez, D. (2020). A two authorities electronic vote scheme. Computers & Security. 97:1-12. https://doi.org/10.1016/j.cose.2020.101940S11297Bloom, B. H. (1970). Space/time trade-offs in hash coding with allowable errors. Communications of the ACM, 13(7), 422-426. doi:10.1145/362686.362692Brams S., Fishburn P.C.. 2007. Approval voting Springer ScienceCarroll, T. E., & Grosu, D. (2009). A secure and anonymous voter-controlled election scheme. Journal of Network and Computer Applications, 32(3), 599-606. doi:10.1016/j.jnca.2008.07.010Chaum, D. L. (1981). Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), 84-90. doi:10.1145/358549.358563Cramer, R., Gennaro, R., & Schoenmakers, B. (1997). A secure and optimally efficient multi-authority election scheme. European Transactions on Telecommunications, 8(5), 481-490. doi:10.1002/ett.4460080506Desmedt, Y. G. (2010). Threshold cryptography. European Transactions on Telecommunications, 5(4), 449-458. doi:10.1002/ett.4460050407Elgamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4), 469-472. doi:10.1109/tit.1985.1057074Juang, W.-S. (2002). A Verifiable Multi-Authority Secret Election Allowing Abstention from Voting. The Computer Journal, 45(6), 672-682. doi:10.1093/comjnl/45.6.672Menezes A., van Oorschot P.C., Vanstone S.A.. 1996. Handbook of Applied Cryptography.Parhami, B. (1994). Voting algorithms. IEEE Transactions on Reliability, 43(4), 617-629. doi:10.1109/24.370218Rabin, M. O. (1980). Probabilistic Algorithms in Finite Fields. SIAM Journal on Computing, 9(2), 273-280. doi:10.1137/0209024Rabin, M. O. (1983). Transaction protection by beacons. Journal of Computer and System Sciences, 27(2), 256-267. doi:10.1016/0022-0000(83)90042-9Salazar, J. L., Piles, J. J., Ruiz-Mas, J., & Moreno-Jiménez, J. M. (2010). Security approaches in e-cognocracy. Computer Standards & Interfaces, 32(5-6), 256-265. doi:10.1016/j.csi.2010.01.004Nguyen, T. A. T., & Dang, T. K. (2013). Enhanced security in internet voting protocol using blind signature and dynamic ballots. Electronic Commerce Research, 13(3), 257-272. doi:10.1007/s10660-013-9120-5Wu, Z.-Y., Wu, J.-C., Lin, S.-C., & Wang, C. (2014). An electronic voting mechanism for fighting bribery and coercion. Journal of Network and Computer Applications, 40, 139-150. doi:10.1016/j.jnca.2013.09.011Yang, X., Yi, X., Nepal, S., Kelarev, A., & Han, F. (2018). A Secure Verifiable Ranked Choice Online Voting System Based on Homomorphic Encryption. IEEE Access, 6, 20506-20519. doi:10.1109/access.2018.2817518Yi, X., & Okamoto, E. (2013). Practical Internet voting system. Journal of Network and Computer Applications, 36(1), 378-387. doi:10.1016/j.jnca.2012.05.00

Estado nutricional vinculado a ingesta alimentaria y actividad física que realizan estudiantes de séptimo grado de tres colegios privados. Managua-Nicaragua. Abril-Agosto 2015.

Estudio descriptivo de corte transversal en 150 estudiantes de séptimo grado de los colegios: Mi Redentor, Bautista y Jesús Divino Obrero del departamento de Managua. Se concluye que más de la mitad de estudiantes, presentaron estado nutricional normal. Coexiste malnutrición por déficit, y por exceso, asociado al riesgo cardiovascular y antecedentes patológicos familiares de hipertensión y diabetes. El desayuno es la comida que se saltaron con mayor frecuencia. El patrón alimentario lo conforman trece alimentos. La práctica de actividades físicas que realizan: caminar, correr, montar en bicicleta, jugar futbol, voleibol y baloncesto. En la clase de educación física los alumnos están siempre y algunas veces activos

Sharing Data for Public Health Research by Members of an International Online Diabetes Social Network

Background: Surveillance and response to diabetes may be accelerated through engaging online diabetes social networks (SNs) in consented research. We tested the willingness of an online diabetes community to share data for public health research by providing members with a privacy-preserving social networking software application for rapid temporal-geographic surveillance of glycemic control. Methods and Findings: SN-mediated collection of cross-sectional, member-reported data from an international online diabetes SN entered into a software applicaction we made available in a “Facebook-like” environment to enable reporting, charting and optional sharing of recent hemoglobin A1c values through a geographic display. Self-enrollment by 17% (n = 1,136) of n = 6,500 active members representing 32 countries and 50 US states. Data were current with 83.1% of most recent A1c values reported obtained within the past 90 days. Sharing was high with 81.4% of users permitting data donation to the community display. 34.1% of users also displayed their A1cs on their SN profile page. Users selecting the most permissive sharing options had a lower average A1c (6.8%) than users not sharing with the community (7.1%, p = .038). 95% of users permitted re-contact. Unadjusted aggregate A1c reported by US users closely resembled aggregate 2007–2008 NHANES estimates (respectively, 6.9% and 6.9%, p = 0.85). Conclusions: Success within an early adopter community demonstrates that online SNs may comprise efficient platforms for bidirectional communication with and data acquisition from disease populations. Advancing this model for cohort and translational science and for use as a complementary surveillance approach will require understanding of inherent selection and publication (sharing) biases in the data and a technology model that supports autonomy, anonymity and privacy.Centers for Disease Control and Prevention (U.S.) (P01HK000088-01)Centers for Disease Control and Prevention (U.S.) (P01HK000016 )National Institute of Alcohol Abuse and Alcoholism (U.S.) (R21 AA016638-01A1)National Center for Research Resources (U.S.) (1U54RR025224-01)Children's Hospital (Boston, Mass.) (Program for Patient Safety and Quality