31 research outputs found

    MoPS: A Modular Protection Scheme for Long-Term Storage

    Current trends in technology, such as cloud computing, allow outsourcing the storage, backup, and archiving of data. This provides efficiency and flexibility, but also poses new risks for data security. It in particular became crucial to develop protection schemes that ensure security even in the long-term, i.e. beyond the lifetime of keys, certificates, and cryptographic primitives. However, all current solutions fail to provide optimal performance for different application scenarios. Thus, in this work, we present MoPS, a modular protection scheme to ensure authenticity and integrity for data stored over long periods of time. MoPS does not come with any requirements regarding the storage architecture and can therefore be used together with existing archiving or storage systems. It supports a set of techniques which can be plugged together, combined, and migrated in order to create customized solutions that fulfill the requirements of different application scenarios in the best possible way. As a proof of concept we implemented MoPS and provide performance measurements. Furthermore, our implementation provides additional features, such as guidance for non-expert users and export functionalities for external verifiers. Comment: Original Publication (in the same form): ASIACCS 201

    A Low-Round Distributed PRF from Lattices and its Application to Distributed Key Management

    We initiate the study of lattice-based pseudo-random functions (PRFs) for use in multi-party computation protocols, motivated by their application to distributed key management. We show that the LWE-based PRF of Boneh et al. (CRYPTO'13) can be turned into a distributed PRF protocol that runs in only 8 online rounds, improving over the state-of-the-art by an order of magnitude. The resulting protocol can be used as a method for distributed key derivation and reduces the amount of managed key material in distributed key management systems from linear in the number of users to constant. Finally, we support our findings by implementing and evaluating our protocol using the MP-SPDZ framework (CCS'20)

    LINCOS - A Storage System Providing Long-Term Integrity, Authenticity, and Confidentiality (Full Paper)

    The amount of digital data that requires long-term protection of integrity, authenticity, and confidentiality grows rapidly. Examples include electronic health records, genome data, and tax data. In this paper we present the secure storage system LINCOS, which provides protection of integrity, authenticity, and confidentiality in the long-term, i.e., for an indefinite time period. It is the first such system. It uses the long-term integrity scheme COPRIS, which is also presented here and is the first such scheme that does not leak any information about the protected data. COPRIS uses information-theoretic hiding commitments for confidentiality-preserving integrity and authenticity protection. LINCOS uses proactive secret sharing for confidential storage of secret data. We also present implementations of COPRIS and LINCOS. A special feature of our LINCOS implementation is the use of quantum key distribution and one-time pad encryption for information-theoretic private channels within the proactive secret sharing protocol. The technological platform for this is the Tokyo QKD Network, which is one of the world's most advanced networks of its kind. Our experimental evaluation establishes the feasibility of LINCOS and shows that in view of the expected progress in quantum communication technology, LINCOS is a promising solution for protecting very sensitive data in the cloud

    An interactive genome browser of association results from the UK10K cohorts project.

    High-throughput sequencing technologies survey genetic variation at genome scale and are increasingly used to study the contribution of rare and low-frequency genetic variants to human traits. As part of the Cohorts arm of the UK10K project, genetic variants called from low-read depth (average 7×) whole genome sequencing of 3621 cohort individuals were analysed for statistical associations with 64 different phenotypic traits of biomedical importance. Here, we describe a novel genome browser based on the Biodalliance platform developed to provide interactive access to the association results of the project. AVAILABILITY AND IMPLEMENTATION: The browser is available at http://www.uk10k.org/dalliance.html. Source code for the Biodalliance platform is available under a BSD license from http://github.com/dasmoth/dalliance, and for the LD-display plugin and backend from http://github.com/dasmoth/ldserv

    Whole-genome sequence-based analysis of thyroid function

    Tiina Paunio is a member of the UK10K Consortium working group. Normal thyroid function is essential for health, but its genetic architecture remains poorly understood. Here, for the heritable thyroid traits thyrotropin (TSH) and free thyroxine (FT4), we analyse whole-genome sequence data from the UK10K project (N = 2,287). Using additional whole-genome sequence and deeply imputed data sets, we report meta-analysis results for common variants (MAF >= 1%) associated with TSH and FT4 (N = 16,335). For TSH, we identify a novel variant in SYN2 (MAF = 23.5%, P = 6.15 x 10(-9)) and a new independent variant in PDE8B (MAF = 10.4%, P = 5.94 x 10(-14)). For FT4, we report a low-frequency variant near B4GALT6/ SLC25A52 (MAF = 3.2%, P = 1.27 x 10(-9)) tagging a rare TTR variant (MAF = 0.4%, P = 2.14 x 10(-11)). All common variants explain >= 20% of the variance in TSH and FT4. Analysis of rare variants (MAFPeer reviewe

    Bi-allelic Loss-of-Function CACNA1B Mutations in Progressive Epilepsy-Dyskinesia.

    The occurrence of non-epileptic hyperkinetic movements in the context of developmental epileptic encephalopathies is an increasingly recognized phenomenon. Identification of causative mutations provides an important insight into common pathogenic mechanisms that cause both seizures and abnormal motor control. We report bi-allelic loss-of-function CACNA1B variants in six children from three unrelated families whose affected members present with a complex and progressive neurological syndrome. All affected individuals presented with epileptic encephalopathy, severe neurodevelopmental delay (often with regression), and a hyperkinetic movement disorder. Additional neurological features included postnatal microcephaly and hypotonia. Five children died in childhood or adolescence (mean age of death: 9 years), mainly as a result of secondary respiratory complications. CACNA1B encodes the pore-forming subunit of the pre-synaptic neuronal voltage-gated calcium channel Cav2.2/N-type, crucial for SNARE-mediated neurotransmission, particularly in the early postnatal period. Bi-allelic loss-of-function variants in CACNA1B are predicted to cause disruption of Ca2+ influx, leading to impaired synaptic neurotransmission. The resultant effect on neuronal function is likely to be important in the development of involuntary movements and epilepsy. Overall, our findings provide further evidence for the key role of Cav2.2 in normal human neurodevelopment. MAK is funded by an NIHR Research Professorship and receives funding from the Wellcome Trust, Great Ormond Street Children's Hospital Charity, and Rosetrees Trust. E.M. received funding from the Rosetrees Trust (CD-A53) and Great Ormond Street Hospital Children's Charity. K.G. received funding from Temple Street Foundation. A.M. is funded by Great Ormond Street Hospital, the National Institute for Health Research (NIHR), and Biomedical Research Centre. F.L.R. and D.G. are funded by Cambridge Biomedical Research Centre. K.C. 
and A.S.J. are funded by NIHR Bioresource for Rare Diseases. The DDD Study presents independent research commissioned by the Health Innovation Challenge Fund (grant number HICF-1009-003), a parallel funding partnership between the Wellcome Trust and the Department of Health, and the Wellcome Trust Sanger Institute (grant number WT098051). We acknowledge support from the UK Department of Health via the NIHR comprehensive Biomedical Research Centre award to Guy's and St. Thomas' National Health Service (NHS) Foundation Trust in partnership with King's College London. This research was also supported by the NIHR Great Ormond Street Hospital Biomedical Research Centre. J.H.C. is in receipt of an NIHR Senior Investigator Award. The research team acknowledges the support of the NIHR through the Comprehensive Clinical Research Network. The views expressed are those of the author(s) and not necessarily those of the NHS, the NIHR, Department of Health, or Wellcome Trust. E.R.M. acknowledges support from NIHR Cambridge Biomedical Research Centre, an NIHR Senior Investigator Award, and the University of Cambridge has received salary support in respect of E.R.M. from the NHS in the East of England through the Clinical Academic Reserve. I.E.S. is supported by the National Health and Medical Research Council of Australia (Program Grant and Practitioner Fellowship)

    Long-Term Protection of Integrity and Confidentiality – Security Foundations and System Constructions

    Huge amounts of information today are stored digitally and a significant amount of this information (e.g., health records) must be kept unaltered and confidential over long periods of time (i.e., decades or centuries). Consequently, there is a high demand for protection schemes that can ensure integrity and confidentiality over such long time periods. The cryptographic schemes used today for protecting integrity and confidentiality (e.g., RSA signatures and AES encryption), however, are not designed to provide long-term protection as their security relies on computational assumptions (e.g., that factoring large integers is infeasible) and trust assumptions (e.g., that a secret key is not compromised) which cannot be guaranteed over such long time periods. To achieve long-term integrity protection Bayer, Haber, and Stornetta proposed a method for prolonging the validity of digital signatures by using cryptographic timestamping. The security of this method, however, is unclear as no precise security analysis has been performed. To achieve long-term confidentiality protection there exist information-theoretically secure schemes (e.g., Quantum Key Distribution, One-Time-Pad Encryption, or Secret Sharing) whose security does not depend on computational assumptions. However, so far it is unclear whether information-theoretic confidentiality protection can be combined with prolongable integrity protection. This thesis answers both of these research questions. In the first part, we develop the first formal security models and proofs for several long-term integrity protection schemes that are derived from the ideas of Bayer, Haber, and Stornetta. We first develop a novel computational model that captures long-lived adversaries whose computational power increases over time. 
Then, using this model, we show that signature-based long-term integrity protection can be constructed from short-term unforgeable signature schemes and that hash-based long-term integrity protection can be constructed from short-term preimage-aware hash functions. We also propose a new cryptographic primitive called long-term commitment, which is crucial for the second part of this thesis. In the second part we then present the first storage system that combines information-theoretic confidentiality protection with prolongable integrity protection. We also propose two extensions of this system, where the first enables long-term access pattern hiding security (i.e., it remains secret which data items are accessed by the user at which times) and the second improves the efficiency when storing large complex datasets

    Evaluation of homomorphic encryption for machine learning
