On the Design and Implementation of an Efficient DAA Scheme

International audienceDirect Anonymous Attestation (DAA) is an anonymous digital signature scheme that aims to provide both signer authentication and privacy. One of the properties that makes DAA an attractive choice in practice is the split signer role. In short, a principal signer (a Trusted Platform Module (TPM)) signs messages in collaboration with an assistant signer (the Host, a standard computing platform into which the TPM is embedded). This split aims to harness the high level of security offered by the TPM, and augment it using the high level of computational and storage ability offered by the Host. Our contribution in this paper is a modification to an existing pairing-based DAA scheme that significantly improves efficiency, and a comparison with the original RSA-based DAA scheme via a concrete implementation

Trollthrottle -- Raising the Cost of Astroturfing

Astroturfing, i.e., the fabrication of public discourse by private or state-controlled sponsors via the creation of fake online accounts, has become incredibly widespread in recent years. It gives a disproportionally strong voice to wealthy and technology-savvy actors, permits targeted attacks on public forums and could in the long run harm the trust users have in the internet as a communication platform. Countering these efforts without deanonymising the participants has not yet proven effective; however, we can raise the cost of astroturfing. Following the principle `one person, one voice', we introduce Trollthrottle, a protocol that limits the number of comments a single person can post on participating websites. Using direct anonymous attestation and a public ledger, the user is free to choose any nickname, but the number of comments is aggregated over all posts on all websites, no matter which nickname was used. We demonstrate the deployability of Trollthrottle by retrofitting it to the popular news aggregator website Reddit and by evaluating the cost of deployment for the scenario of a national newspaper (168k comments per day), an international newspaper (268k c/d) and Reddit itself (4.9M c/d)

A Pairing-Based DAA Scheme Further Reducing TPM Resources

Direct Anonymous Attestation (DAA) is an anonymous signature scheme designed for anonymous attestation of a Trusted Platform Module (TPM) while preserving the privacy of the device owner. Since TPM has limited bandwidth and computational capability, one interesting feature of DAA is to split the signer role between two entities: a TPM and a host platform where the TPM is attached. Recently, Chen proposed a new DAA scheme that is more efficient than previous DAA schemes. In this paper, we construct a new DAA scheme requiring even fewer TPM resources. Our DAA scheme is about 5 times more efficient than Chen’s scheme for the TPM implementation using the Barreto-Naehrig curves. In addition, our scheme requires much smaller size of software code that needs to be implemented in the TPM. This makes our DAA scheme ideal for the TPM implementation. Our DAA scheme is efficient and provably secure in the random oracle model under the strong Diffie-Hellman assumption and the decisional Diffie-Hellman assumption.

What is the topology of a Schwarzschild black hole?

We investigate the topology of Schwarzschild's black hole through the immersion of this space-time in spaces of higher dimension. Through the immersions of Kasner and Fronsdal we calculate the extension of the Schwarzschild's black hole.Comment: 7 pages. arXiv admin note: substantial text overlap with arXiv:1102.446

The combinatorics of generalised cumulative arrays.

In this paper we present a combinatorial analysis of generalised cumulative arrays. These are structures that are associated with a monotone collections of subsets of a base set and have properties that find application in areas of information security. We propose a number of basic measures of efficiency of a generalised cumulative array and then study fundamental bounds on their parameters. We then look at a number of construction techniques and show that the problem of finding good generalised cumulative arrays is closely related to the problem of finding boolean expressions with special properties

A conformal boundary for space-times based on light-like geodesics: the 3-dimensional case

A new causal boundary, which we will term the l-boundary, inspired by the geometry of the space of light rays and invariant by conformal diffeomorphisms for space-times of any dimension m ≥ 3, proposed by one of the authors [R. J. Low, The Space of Null Geodesics (and a New Causal Boundary), Lecture Notes in Physics 692 (Springer, 2006), pp. 35-50] is analyzed in detail for space-times of dimension 3. Under some natural assumptions, it is shown that the completed space-time becomes a smooth manifold with boundary and its relation with Geroch-Kronheimer-Penrose causal boundary is discussed.Anumber of examples illustrating the properties of this newcausal boundary as well as a discussion on the obtained results will be provided

EmLog:Tamper-Resistant System Logging for Constrained Devices with TEEs

Remote mobile and embedded devices are used to deliver increasingly impactful services, such as medical rehabilitation and assistive technologies. Secure system logging is beneficial in these scenarios to aid audit and forensic investigations particularly if devices bring harm to end-users. Logs should be tamper-resistant in storage, during execution, and when retrieved by a trusted remote verifier. In recent years, Trusted Execution Environments (TEEs) have emerged as the go-to root of trust on constrained devices for isolated execution of sensitive applications. Existing TEE-based logging systems, however, focus largely on protecting server-side logs and offer little protection to constrained source devices. In this paper, we introduce EmLog -- a tamper-resistant logging system for constrained devices using the GlobalPlatform TEE. EmLog provides protection against complex software adversaries and offers several additional security properties over past schemes. The system is evaluated across three log datasets using an off-the-shelf ARM development board running an open-source, GlobalPlatform-compliant TEE. On average, EmLog runs with low run-time memory overhead (1MB heap and stack), 430--625 logs/second throughput, and five-times persistent storage overhead versus unprotected logs.Comment: Accepted at the 11th IFIP International Conference on Information Security Theory and Practice (WISTP '17

Horizon formation and far-from-equilibrium isotropization in supersymmetric Yang-Mills plasma

Using gauge/gravity duality, we study the creation and evolution of anisotropic, homogeneous strongly coupled $\mathcal N=4$ supersymmetric Yang-Mills plasma. In the dual gravitational description, this corresponds to horizon formation in a geometry driven to be anisotropic by a time-dependent change in boundary conditions.Comment: 4 pages, typos corrected, published versio

The complications of ‘hiring a hubby’: gender relations and the commoditisation of home maintenance in New Zealand

This paper examines the commoditization of traditionally male domestic tasks through interviews with handymen who own franchises in the company ‘Hire a Hubby’ in New Zealand and homeowners who have paid for home repair tasks to be done. Discussions of the commoditization of traditionally female tasks in the home have revealed the emotional conflicts of paying others to care as well as the exploitative and degrading conditions that often arise when work takes place behind closed doors. By examining the working conditions and relationships involved when traditionally male tasks are paid for, this paper raises important questions about the valuing of reproductive labour and the production of gendered identities. The paper argues that while working conditions and rates of pay for ‘hubbies’ are better than those for people undertaking commoditized forms of traditionally female domestic labour, the negotiation of this work is still complex and implicated in gendered relations and identities. Working on the home was described by interviewees as an expression of care for family and a performance of the ‘right’ way to be a ‘Kiwi bloke’ and a father. Paying others to do this labour can imply a failure in a duty of care and in the performance of masculinity