
    Tiramisu: Black-Box Simulation Extractable NIZKs in the Updatable CRS Model

    Zk-SNARKs, as the most efficient NIZK arguments in terms of proof size and verification, are ubiquitously deployed in practice. In applications like Hawk [S&P'16], Gyges [CCS'16], and Ouroboros Crypsinous [S&P'19], the underlying zk-SNARK is lifted to achieve Black-Box Simulation Extractability (BB-SE) under a trusted setup phase. To mitigate the trust in such systems, we propose Tiramisu, a construction to build NIZK arguments that can achieve updatable BB-SE, which we define as a new variant of BB-SE. This new variant allows updating the public parameters, therefore eliminating the need for a trusted third party, while unavoidably relying on a non-black-box extraction algorithm in the setup phase. At the cost of a one-time individual CRS update by the parties, this gets around a known impossibility result by Bellare et al. from ASIACRYPT'16, which shows that BB extractability cannot be achieved with subversion ZK (ZK without trusting a third party). Tiramisu uses an efficient public-key encryption scheme with updatable keys, which may be of independent interest. We instantiate Tiramisu, implement the overhead, and present efficient BB-SE zk-SNARKs with updatable parameters that can be used in various applications while allowing the end-users to update the parameters and eliminate the needed trust.

    Synoptic aspects associated with pervasive dust storms in the southwestern regions of Iran

    Dust storms are a natural hazard that affects arid and semi-arid regions of the world, such as Iran. The present research aims to investigate the formation of synoptic patterns of pervasive dust storms (PDSs) in the southwestern regions of Iran. For this purpose, daily data of visibility less than 1000 m at 16 synoptic stations (Ilam and Khuzestan provinces) were reviewed during 2004–2017, and 59 PDSs with more than 2 days of duration (overlapping 70% of the region) were extracted. Mid-level atmospheric data (500, 700, and 850 hPa, and sea level pressure (SLP)) with 2.5°×2.5° resolution (domain: 0–80°E and 10–70°N) were obtained from the NCEP/NCAR reanalysis dataset, and an 825×59 matrix of 500 hPa data was built. Principal component analysis (PCA) in S-mode was used for extracting the synoptic patterns that produce PDSs. PCA showed that the first four components explained more than 86.45% of the data variance. Classification of PDSs based on the output components showed that the patterns had seasonal structures. Synoptically, the north wind blowing in the first pattern is the most dominant structure in the formation of PDSs in the Middle East. The second and third patterns showed postfrontal structures. The fourth pattern, with a prefrontal structure, was the reason for PDSs in the cold seasons of the year. Of the four final patterns, the first three showed the dominance of the Persian trough in the SLP maps. Analysis of mean aerosol optical depth maps suggests that each of the most consistent synoptic patterns stimulates particular dust centers.

    Fine-Grained Accountable Privacy via Unlinkable Policy-Compliant Signatures

    Privacy-preserving payment systems face the difficult task of balancing privacy and accountability: on one hand, users should be able to transact privately and anonymously; on the other hand, no illegal activities should be tolerated. The challenging question of finding the right balance lies at the core of the research on accountable privacy, which stipulates the use of cryptographic techniques for policy enforcement but still allows an authority to revoke the anonymity of transactions whenever such automatic enforcement is technically not supported. Current state-of-the-art systems are only able to enforce rather limited policies, such as spending or transaction limits, or assertions about participants, but are unable to enforce more complex policies that, for example, jointly evaluate both the private credentials of sender and recipient, let alone do this without an auditor in the loop during payment. This limits the cases where privacy revocation can be avoided as the method to fulfill regulations, which is unsatisfactory from a data-protection viewpoint and shows the need for cryptographic solutions that are able to elevate accountable privacy to a more fine-grained level. In this work, we present such a solution. We show how to enforce complex policies while offering strong privacy and anonymity guarantees by enhancing the notion of policy-compliant signatures (PCS) introduced by Badertscher, Matt and Waldner (TCC'21). In more detail, we first define the notion of unlinkable PCS (ul-PCS) and show how this cryptographic primitive can be generically integrated with a wide range of systems including UTxO-based ledgers, privacy-preserving protocols like Monero or Zcash, and central-bank digital currencies. We give a generic construction for ul-PCS for any policy, and optimized constructions tailored for special policy classes, such as role-based policies and separable policies. To bridge the gap between theory and practice, we provide prototype implementations for all our schemes. We give the first benchmarks for policy-compliant signatures in general, and demonstrate their feasibility for reasonably sized attribute sets in the special cases.

    Benchmarking the Setup of Updatable zk-SNARKs

    Subversion-resistant zk-SNARKs allow the provers to verify the Structured Reference String (SRS) via an SRS Verification (SV) algorithm and bypass the need for a Trusted Third Party (TTP). Pairing-based zk-SNARKs with updatable and universal SRS are an extension of subversion-resistant ones which additionally allow the verifiers to update the SRS via an SRS Updating (SU) algorithm, and similarly bypass the need for a TTP. In this paper, we examine the setup of these zk-SNARKs by benchmarking the efficiency of the SV and SU algorithms within the Arkworks library. The benchmarking covers a range of updatable zk-SNARKs, including Sonic, Plonk, Marlin, Lunar, and Basilisk. Our analysis reveals that relying solely on the standard Algebraic Group Model (AGM) may not be sufficient in practice, and we may need a model with weaker assumptions. Specifically, we find that while Marlin is secure in the AGM, additional elements need to be added to its SRS to formally prove certain security properties in the updatable CRS model. We demonstrate that the SV algorithms become inefficient for mid-sized circuits with over 20,000 multiplication gates and 100 updates. To address this, we introduce Batched SV algorithms (BSV) that leverage standard batching techniques and offer significantly improved performance. As a tool, we propose an efficient verification approach that allows the parties to identify a malicious SRS updater with verification cost logarithmic in the number of updates. In the case of Basilisk, for a circuit with 2^20 multiplication gates, a 1000-time updated SRS can be verified in less than 30 sec, a malicious updater can be identified in less than 4 min (improvable by pre-computation), and each update takes less than 6 min.

    Larvicidal activity of essential oil and methanol extract of Nepeta menthoides against malaria vector Anopheles stephensi

    Objective: To investigate the larvicidal activity of the essential oil and methanol extract of Nepeta menthoides (N. menthoides) against the main malaria vector, Anopheles stephensi (An. stephensi).
    Methods: The essential oil of the plant was obtained with a Clevenger-type apparatus and the methanol extract was obtained by the percolation method. Larvicidal activity was tested by the WHO method. Twenty-five fourth-instar larvae of An. stephensi were used in the larvicidal assay and four replicates were tested for each concentration. Five different concentrations of the oil and extract were tested for calculation of LC50 and LC90 values.
    Results: The LC50 and LC90 values were determined by probit analysis. LC50 was 69.5 and 234.3 ppm and LC90 was 175.5 and 419.9 ppm for the extract and essential oil, respectively.
    Conclusions: According to the results of this study, the methanolic extract of the plant exhibited more larvicidal activity than the essential oil. This could be useful for the investigation of new natural larvicidal compounds.

    Nirvana: Instant and Anonymous Payment-Guarantees

    Given the high transaction confirmation latencies in public blockchains, cryptocurrencies such as Bitcoin, Ethereum, etc. are not yet suitable to support real-time services such as transactions on retail markets. There are several solutions to address this latency problem, with layer-2 solutions being the most promising ones. Existing layer-2 solutions, however, suffer from privacy and/or collateral issues when applied to retail environments where customer-merchant relationships are usually ephemeral. In this paper, we propose Nirvana, which can be combined with existing cryptocurrencies to provide instant, anonymous and unlinkable payment guarantees. Nirvana does not require any trusted third party. It conceals the identities of honest participants, thus ensuring customer anonymity within the system, while only relying on efficient Groth-Sahai proof systems. We introduce a novel randomness-reusable threshold encryption that mitigates double-spending by revealing the identities of malicious users. We formally prove how our scheme provides customer anonymity, unlinkability of transactions and payment guarantees to merchants. Our experiments demonstrate that Nirvana allows for fast (zero-confirmation) global payments in a retail setting with a delay of less than 1.7 seconds.

    Reusable, Instant and Private Payment Guarantees for Cryptocurrencies

    Despite offering numerous advantages, public decentralized cryptocurrencies such as Bitcoin suffer from scalability issues such as high transaction latency and low throughput. The vast array of so-called Layer-2 solutions tackling the scalability problem focus on throughput, and consider latency as a secondary objective. However, in the context of retail payments, instant finality of transactions is arguably a more pressing concern, besides the overarching concern for privacy. In this paper, we provide an overlay network that allows privacy-friendly low-latency payments in a retail market. Our approach follows that of a recent work called Snappy, which achieved low latency but exposed the identities of customers and their transaction histories. Our construction ensures this data is kept private, while providing merchants with protection against double-spending attacks. Although our system is still based upon customers registering with a collateral, crucially this collateral is reusable over time. The technical novelty of our work comes from randomness-reusable threshold encryption (RRTE), a cryptographic primitive we designed specifically for the following features: our construction provably guarantees payments to merchants, preserves the secret identity of honest customers and prevents their transactions from being linked. We also present an implementation of our construction, showing its capacity for fast global payments in a retail setting with a delay of less than 1 second.

    Threshold Structure-Preserving Signatures

    Structure-preserving signatures (SPS) are an important building block for privacy-preserving cryptographic primitives, such as electronic cash, anonymous credentials, and delegatable anonymous credentials. In this work, we introduce the first threshold structure-preserving signature scheme (TSPS). This enables multiple parties to jointly sign a message, resulting in a standard, single-party SPS signature, and can thus be used as a replacement for applications based on SPS. We begin by defining and constructing SPS for indexed messages, which are messages defined relative to a unique index. We prove its security in the random oracle model under a variant of the generalized Pointcheval-Sanders assumption (PS). Moreover, we generalize this scheme to an indexed multi-message SPS for signing vectors of indexed messages, which we prove secure under the same assumption. We then formally define the notion of a TSPS and propose a construction based on our indexed multi-message SPS. Our TSPS construction is fully non-interactive, meaning that signers simply output partial signatures without communicating with the other signers. Additionally, signatures are short: they consist of 2 group elements and require 2 pairing product equations to verify. We prove the security of our TSPS under the security of our indexed multi-message SPS scheme. Finally, we show that our TSPS may be used as a drop-in replacement for UC-secure Threshold-Issuance Anonymous Credential (TIAC) schemes, such as Coconut, without the overhead of the Fischlin transform.

    Investigation of The Persian Trough and North Wind Roles in Intensifying Warm Period Extensive Dust Storm in western Iran

    In this work, the role of the Persian trough and the low-level jet (LLJ) in the intensification of the north wind (Shamal) was studied as the main cause of extensive dust storm (EDS) formation in the warm period of western Iran. In this regard, the criteria of visibility reduction to less than 1000 m and the present-weather code 06 (a dust event) in more than 50 percent of the stations were applied to 21 stations in the west of Iran (Khuzestan, Ilam, and Kermanshah provinces) during 2000–2009. From a total of 346 dusty days, 28 dust events with durations of 1 to 12 days were detected, of which 20 are related to the warm period of the year (especially the months of June and July). Further, the pressure patterns, potential vorticity and temperature, divergent field, wind vector and vertical profiles were extracted at all atmospheric levels using NCEP/NCAR data and ERA-Interim data with 2.5 and 0.125 degree resolution, respectively, over the range 10°N to 60°N and 20°E to 75°E. The results showed that the warm-period dust storms in western Iran were related to the low-level pressure gradient in the Persian trough; although this low pressure originates from the monsoon, its strengthening is due to the local and topographic factors of the western windward side of the Zagros. The deepening of this system, by strengthening the northern wind, is the cause of the formation of dust storms in western Iran. In addition, EDSs rarely extend beyond 1000 m because the strong winds are confined to low levels. The speed of these winds often exceeds 50 km/h. The severe nocturnal inversion, which generally extends to 400–450 m height, causes an intense wind speed gradient and develops a jet stream, often overnight, at 250–350 m height, which is affected by the Blackheads heating system.