Preliminary Observations on the Ability to Adapt To Salinity Changes in Nursehound Scyliorhinus Stellaris (Linnaeus, 1758) and Small Spotted Catsharks Scyliorhinus Canicula

Nursehound Scyliorhinus stellaris and small spotted catsharks Scyliorhinus canicula are frequently hosted in public aquaria and their husbandry is improving. The reproduction of this species in captive conditions is not difficult and juveniles are easily maintained in laboratory or in thematic tanks showed to the public. Data on juveniles are easily acquired in order to understand different aspects of their natural life and physiology. In two stages, during 2006 and 2010, six S. stellaris and three S. canicula juveniles were tested at different salinity levels under controlled conditions in order to understand their responses in terms of respiration rate to this stress. In fact this is a benthic species living at constant water quality parameters at approximately 70-100 meters deep

Security analysis of standard authentication and key agreement protocols utilising timestamps

We propose a generic modelling technique that can be used to extend existing frameworks for theoretical security analysis in order to capture the use of timestamps. We apply this technique to two of the most popular models adopted in literature (Bellare-Rogaway and Canetti-Krawczyk). We analyse previous results obtained using these models in light of the proposed extensions, and demonstrate their application to a new class of protocols. In the timed CK model we concentrate on modular design and analysis of protocols, and propose a more efficient timed authenticator relying on timestamps. The structure of this new authenticator implies that an authentication mechanism standardised in ISO-9798 is secure. Finally, we use our timed extension to the BR model to establish the security of an efficient ISO protocol for key transport and unilateral entity authentication

Kinetic Equations for Baryogenesis via Sterile Neutrino Oscillation

We investigate baryogenesis in the $\nu$MSM (neutrino Minimal Standard Model), which is the MSM extended by three right-handed neutrinos with masses below the electroweak scale. The baryon asymmetry of the universe can be generated by the mechanism via flavor oscillation of right-handed (sterile) neutrinos which are responsible to masses of active neutrinos confirmed by various experiments. We present the kinetic equations for the matrix of densities of leptons which describe the generation of asymmetries. Especially, the momentum dependence of the matrix of densities is taken into account. By solving these equations numerically, it is found that the momentum distribution is significantly distorted from the equilibrium one, since the production for the modes with lower momenta $k \ll T$ ($T$ is the temperature of the universe) is enhanced, while suppressed for higher modes. As a result, the most important mode for the yields of sterile neutrinos as well as the baryon asymmetry is $k \simeq 2 T$, which is smaller than inferred from the thermal average. The comparison with the previous works is also discussed.Comment: 22 pages, 19 figure

Silvicultura urbana em municípios brasileiros e]com maior concentração populacional.

A boa gestão da arborização urbana é um dos principais requisitos para propiciar qualidade de vida à população. Para o manejo e planejamento da silvicultura urbana é importante um diagnóstico detalhado. O diagnóstico da silvicultura urbana é obtido principalmente por inventário arbóreo e serve como subsídio para o planejamento urbano. As cidades brasileiras tem estrutura precária de gerenciamento da arborização e não há um plano nacional de inventário urbano. Objetivou-se identificar dentre os municípios mais populosos do Brasil, aqueles que contam com inventários e manejo da silvicultura urbana para futuras políticas públicas da área

Secure Multiparty Computation from SGX

International audienceIsolated Execution Environments (IEE) offered by novel commodity hardware such as Intel's SGX deployed in Skylake processors permit executing software in a protected environment that shields it from a malicious operating system; it also permits a remote user to obtain strong interactive attestation guarantees on both the code running in an IEE and its input/output behaviour. In this paper we show how IEEs provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. In our protocol the load of communications and computations on participants only depends on the size of each party's inputs and outputs and is thus small and independent from the intricacy of the functionality to be computed. The remaining computational load-essentially that of computing the functionality-is moved to an untrusted party running an IEE-enabled machine, an appealing feature for Cloud-based scenarios. However, as often the case even with the simplest cryptographic protocols, we found that there is a large gap between this intuitively appealing solution and a protocol with rigorous security guarantees. We bridge this gap through a comprehensive set of results that include: i. a detailed construction of a protocol for secure computation for arbitrary functionalities; ii. formal security definitions for the security of the overall protocol and that of its components; and iii. a modular security analysis of our protocol that relies on a novel notion of labeled attested computation. We implemented and extensively evaluated our solution on SGX-enabled hardware, providing detailed measurements of our protocol as well as comparisons with software-only MPC solutions. Furthermore, we show the cost induced by using constant-time, i.e., timing side channel resilient, code in our implementation

Silvicultura urbana em municípios brasileiros com maior concentração populacional.

Resumo

Confidential Boosting with Random Linear Classifiers for Outsourced User-generated Data

User-generated data is crucial to predictive modeling in many applications. With a web/mobile/wearable interface, a data owner can continuously record data generated by distributed users and build various predictive models from the data to improve their operations, services, and revenue. Due to the large size and evolving nature of users data, data owners may rely on public cloud service providers (Cloud) for storage and computation scalability. Exposing sensitive user-generated data and advanced analytic models to Cloud raises privacy concerns. We present a confidential learning framework, SecureBoost, for data owners that want to learn predictive models from aggregated user-generated data but offload the storage and computational burden to Cloud without having to worry about protecting the sensitive data. SecureBoost allows users to submit encrypted or randomly masked data to designated Cloud directly. Our framework utilizes random linear classifiers (RLCs) as the base classifiers in the boosting framework to dramatically simplify the design of the proposed confidential boosting protocols, yet still preserve the model quality. A Cryptographic Service Provider (CSP) is used to assist the Cloud's processing, reducing the complexity of the protocol constructions. We present two constructions of SecureBoost: HE+GC and SecSh+GC, using combinations of homomorphic encryption, garbled circuits, and random masking to achieve both security and efficiency. For a boosted model, Cloud learns only the RLCs and the CSP learns only the weights of the RLCs. Finally, the data owner collects the two parts to get the complete model. We conduct extensive experiments to understand the quality of the RLC-based boosting and the cost distribution of the constructions. Our results show that SecureBoost can efficiently learn high-quality boosting models from protected user-generated data

A method for making password-based key exchange resilient to server compromise

Abstract. This paper considers the problem of password-authenticated key exchange (PAKE) in a client-server setting, where the server authenticates using a stored password file, and it is desirable to maintain some degree of security even if the server is compromised. A PAKE scheme is said to be resilient to server compromise if an adversary who compromises the server must at least perform an offline dictionary attack to gain any advantage in impersonating a client. (Of course, offline dictionary attacks should be infeasible in the absence of server compromise.) One can see that this is the best security possible, since by definition the password file has enough information to allow one to play the role of the server, and thus to verify passwords in an offline dictionary attack. While some previous PAKE schemes have been proven resilient to server compromise, there was no known general technique to take an arbitrary PAKE scheme and make it provably resilient to server compromise. This paper presents a practical technique for doing so which requires essentially one extra round of communication and one signature computation/verification. We prove security in the universal composability framework by (1) defining a new functionality for PAKE with resilience to server compromise, (2) specifying a protocol combining this technique with a (basic) PAKE functionality, and (3) proving (in the random oracle model) that this protocol securely realizes the new functionality.

The weak password problem: chaos, criticality, and encrypted p-CAPTCHAs

Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak password problem. Building upon chaotic dynamics, criticality at phase transitions, CAPTCHA recognition, and computational round-off errors we design an algorithm that strengthens security of passwords. The core idea of our method is to split a long and secure password into two components. The first component is memorized by the user. The second component is transformed into a CAPTCHA image and then protected using evolution of a two-dimensional dynamical system close to a phase transition, in such a way that standard brute-force attacks become ineffective. We expect our approach to have wide applications for authentication and encryption technologies.Comment: 5 pages, 6 figer

Approximate quantum counting on an NMR ensemble quantum computer

We demonstrate the implementation of a quantum algorithm for estimating the number of matching items in a search operation using a two qubit nuclear magnetic resonance (NMR) quantum computer.Comment: 4 pages LaTeX/RevTex including 4 figures (3 LaTeX, 1 PostScript). Submitted to Physical Review Letter