236 research outputs found

    SGXIO: Generic Trusted I/O Path for Intel SGX

    Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this dependency, Intel introduced SGX, which allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices. This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise. It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available. Comment: To appear in CODASPY'1

    Revocation in Publicly Verifiable Outsourced Computation

    The combination of software-as-a-service and the increasing use of mobile devices gives rise to a considerable difference in computational power between servers and clients. Thus, there is a desire for clients to outsource the evaluation of complex functions to an external server. Servers providing such a service may be rewarded per computation, and as such have an incentive to cheat by returning garbage rather than devoting resources and time to compute a valid result. In this work, we introduce the notion of Revocable Publicly Verifiable Computation (RPVC), where a cheating server is revoked and may not perform future computations (thus incurring a financial penalty). We introduce a Key Distribution Center (KDC) to efficiently handle the generation and distribution of the keys required to support RPVC. The KDC is an authority over entities in the system and enables revocation. We also introduce a notion of blind verification such that results are verifiable (and hence servers can be rewarded or punished) without learning the value. We present a rigorous definitional framework, define a number of new security models and present a construction of such a scheme built upon Key-Policy Attribute-based Encryption.

    Precision measurements of $A_1^n$ in the deep inelastic regime

    We have performed precision measurements of the double-spin virtual-photon asymmetry $A_1$ on the neutron in the deep inelastic scattering regime, using an open-geometry, large-acceptance spectrometer and a longitudinally and transversely polarized $^3$He target. Our data cover a wide kinematic range $0.277 \le x \le 0.548$ at an average $Q^2$ value of 3.078 (GeV/c)$^2$, doubling the available high-precision neutron data in this $x$ range. We have combined our results with world data on proton targets to make a leading-order extraction of the ratio of polarized-to-unpolarized parton distribution functions for up quarks and for down quarks in the same kinematic range. Our data are consistent with a previous observation of an $A_1^n$ zero crossing near $x = 0.5$. We find no evidence of a transition to a positive slope in $(\Delta d + \Delta\bar{d})/(d + \bar{d})$ up to $x = 0.548$. (C) 2015 The Authors. Published by Elsevier B.V

    A high-finesse Fabry-Perot cavity with a frequency-doubled green laser for precision Compton polarimetry at Jefferson Lab

    A high-finesse Fabry-Perot cavity with a frequency-doubled continuous wave green laser (532 nm) has been built and installed in Hall A of Jefferson Lab for high precision Compton polarimetry. The infrared (1064 nm) beam from a ytterbium-doped fiber amplifier seeded by a Nd:YAG nonplanar ring oscillator laser is frequency doubled in a single-pass periodically poled MgO:LiNbO$_3$ crystal. The maximum achieved green power at 5 W IR pump power is 1.74 W with a total conversion efficiency of 34.8%. The green beam is injected into the optical resonant cavity and enhanced up to 3.7 kW with a corresponding enhancement of 3800. The polarization transfer function has been measured in order to determine the intra-cavity circular laser polarization within a measurement uncertainty of 0.7%. The PREx experiment at Jefferson Lab used this system for the first time and achieved 1.0% precision in polarization measurements of an electron beam with energy and current of 1.0 GeV and 50 μA. Comment: 20 pages, 22 figures, revised version of arXiv:1601.00251v1, submitted to NIM

    Private Outsourcing of Polynomial Evaluation and Matrix Multiplication using Multilinear Maps

    Verifiable computation (VC) allows a computationally weak client to outsource the evaluation of a function on many inputs to a powerful but untrusted server. The client invests a large amount of off-line computation and gives an encoding of its function to the server. The server returns both an evaluation of the function on the client's input and a proof such that the client can verify the evaluation using substantially less effort than doing the evaluation on its own. We consider how to privately outsource computations using privacy preserving VC schemes whose executions reveal no information on the client's input or function to the server. We construct VC schemes with input privacy for univariate polynomial evaluation and matrix multiplication and then extend them such that the function privacy is also achieved. Our tool is the recently developed multilinear maps. The proposed VC schemes can be used in outsourcing private information retrieval (PIR). Comment: 23 pages, A preliminary version appears in the 12th International Conference on Cryptology and Network Security (CANS 2013

    Sea-ice production and air/ice/ocean/biogeochemistry interactions in the Ross Sea during the PIPERS 2017 autumn field campaign

    The Ross Sea is known for showing the greatest sea-ice increase, as observed globally, particularly from 1979 to 2015. However, corresponding changes in sea-ice thickness and production in the Ross Sea are not known, nor how these changes have impacted water masses, carbon fluxes, biogeochemical processes and availability of micronutrients. The PIPERS project sought to address these questions during an autumn ship campaign in 2017 and two spring airborne campaigns in 2016 and 2017. PIPERS used a multidisciplinary approach of manned and autonomous platforms to study the coupled air/ice/ocean/biogeochemical interactions during autumn and related those to spring conditions. Unexpectedly, the Ross Sea experienced record low sea ice in spring 2016 and autumn 2017. The delayed ice advance in 2017 contributed to (1) increased ice production and export in coastal polynyas, (2) thinner snow and ice cover in the central pack, (3) lower sea-ice Chl-a burdens and differences in sympagic communities, (4) sustained ocean heat flux delaying ice thickening and (5) a melting, anomalously southward ice edge persisting into winter. Despite these impacts, airborne observations in spring 2017 suggest that winter ice production over the continental shelf was likely not anomalous

    Preliminary Results from Integrating Compton Photon Polarimetry in Hall A of Jefferson Lab

    A wide range of nucleon and nuclear structure experiments in Jefferson Lab's Hall A require precise, continuous measurements of the polarization of the electron beam. In our Compton polarimeter, electrons are scattered off photons in a Fabry-Perot cavity; by measuring an asymmetry in the integrated signal of the scattered photons detected in a GSO crystal, we can make non-invasive, continuous measurements of the beam polarization. Our goal is to achieve 1% statistical error within two hours of running. We discuss the design and commissioning of an upgrade to this apparatus, and report preliminary results for experiments conducted at beam energies from 3.5 to 5.9 GeV and photon rates from 5 to 100 kHz. Comment: 6 pages, 7 figures. To appear in the Proceedings of the International Nuclear Physics Conference (INPC 2010), July 4-9 2010, Vancouver, Canada (Journal of Physics: Conference Series