209 research outputs found

    Sound Computational Interpretation of Formal Encryption with Composed Keys

    The formal and computational views of cryptography have been related by the seminal work of Abadi and Rogaway. In their work, a formal treatment of encryption that uses atomic keys is justified in the computational world. However, many proposed formal approaches allow the use of composed keys, where any arbitrary expression can be used as encryption key. We consider an extension of the formal model presented by Abadi and Rogaway, in which it is allowed to use composed keys in formal encryption. We then provide a computational interpretation for expressions that allow us to establish the computational soundness of formal encryption with composed keys

    TC Heartland: It’s Time to Take Stock

    It has been a little over a year and a half since the Supreme Court issued its groundbreaking venue decision in TC Heartland LLC v. Kraft Foods Group Brands LLC, shaking up the status quo in U.S. patent infringement litigation. The first months after TC Heartland saw a flurry of activity as litigants and courts wrestled with the impact of the decision on pending cases, pondered the true meaning of a “regular and established place of business,” and explored many other questions left by the TC Heartland decision. Eighteen months and several writs of mandamus later, it is now a good time to take stock of the newly emerging status quo in patent venue. This article does just that

    Applications of Secure Multiparty Computation

    We generate and gather a lot of data about ourselves and others, some of it highly confidential. The collection, storage and use of this data is strictly regulated by laws, but restricting the use of data often limits the benefits which could be obtained from its analysis. Secure multi-party computation (SMC), a cryptographic technology, makes it possible to execute specific programs on confidential data while ensuring that no other sensitive information from the data is leaked. SMC has been the subject of academic study for more than 30 years, but first attempts to use it for actual computations in the early 2000s – although theoretically efficient – were initially not practicable. However, improvements in the situation have made possible the secure solving of even relatively large computational tasks. This book describes how many different computational tasks can be solved securely, yet efficiently. It describes how protocols can be combined to larger applications, and how the security-efficiency trade-offs of different components of an SMC application should be chosen. Many of the results described in this book were achieved as part of the project Usable and Efficient Secure Multi-party Computation (UaESMC), which was funded by the European Commission. The book will be of interest to all those whose work involves the secure analysis of confidential data

    Computing Local Sensitivities of Counting Queries with Joins

    Local sensitivity of a query Q given a database instance D, i.e. how much the output Q(D) changes when a tuple is added to D or deleted from D, has many applications including query analysis, outlier detection, and in differential privacy. However, it is NP-hard to find local sensitivity of a conjunctive query in terms of the size of the query, even for the class of acyclic queries. Although the complexity is polynomial when the query size is fixed, the naive algorithms are not efficient for large databases and queries involving multiple joins. In this paper, we present a novel approach to compute local sensitivity of counting queries involving join operations by tracking and summarizing tuple sensitivities -- the maximum change a tuple can cause in the query result when it is added or removed. We give algorithms for the sensitivity problem for full acyclic join queries using join trees, that run in polynomial time in both the size of the database and query for an interesting sub-class of queries, which we call 'doubly acyclic queries' that include path queries, and in polynomial time in combined complexity when the maximum degree in the join tree is bounded. Our algorithms can be extended to certain non-acyclic queries using generalized hypertree decompositions. We evaluate our approach experimentally, and show applications of our algorithms to obtain better results for differential privacy by orders of magnitude. Comment: To be published in Proceedings of the 2020 ACM SIGMOD International Conference on Management of Dat

    Ceftazidime-avibactam or best available therapy in patients with ceftazidime-resistant Enterobacteriaceae and Pseudomonas aeruginosa complicated urinary tract infections or complicated intra-abdominal infections (REPRISE): a randomised, pathogen-directed, phase 3 study

    Background Carbapenems are frequently the last line of defence in serious infections due to multidrug-resistant Gram-negative bacteria, but their use is threatened by the growing prevalence of carbapenemase-producing pathogens. Ceftazidime-avibactam is a potential new agent for use in such infections. We aimed to assess the efficacy, safety, and tolerability of ceftazidime-avibactam compared with best available therapy in patients with complicated urinary tract infection or complicated intra-abdominal infection due to ceftazidime-resistant Gram-negative pathogens. Methods REPRISE was a pathogen-directed, international, randomised, open-label, phase 3 trial that recruited patients from hospitals across 16 countries worldwide. Eligible patients were aged 18–90 years with complicated urinary tract infection or complicated intra-abdominal infection caused by ceftazidime-resistant Enterobacteriaceae or Pseudomonas aeruginosa. Patients were randomised (1:1) to 5–21 days of treatment with either ceftazidime-avibactam (a combination of 2000 mg ceftazidime plus 500 mg avibactam, administered via a 2-h intravenous infusion every 8 h) or best available therapy. The primary endpoint was clinical response at the test-of-cure visit, 7–10 days after last infusion of study therapy, analysed in all patients who had at least one ceftazidime-resistant Gram-negative pathogen, as confirmed by the central laboratory, and who received at least one dose of study drug. Safety endpoints were assessed in all patients who received at least one dose of study drug. This study is registered with ClinicalTrials.gov, number NCT01644643. Findings Between Jan 7, 2013, and Aug 29, 2014, 333 patients were randomly assigned, 165 to ceftazidime-avibactam and 168 to best available therapy. Of these, 154 assigned to ceftazidime-avibactam (144 with complicated urinary tract infection and ten with complicated intra-abdominal infection) and 148 assigned to best available therapy (137 with complicated urinary tract infection and 11 with complicated intra-abdominal infection) were analysed for the primary outcome. 163 (97%) of 168 patients in the best available therapy group received a carbapenem, 161 (96%) as monotherapy. The overall proportions of patients with a clinical cure at the test-of-cure visit were similar with ceftazidime-avibactam (140 [91%; 95% CI 85·6–94·7] of 154 patients) and best available therapy (135 [91%; 85·9–95·0] of 148 patients). 51 (31%) of 164 patients in the ceftazidime-avibactam group and 66 (39%) of 168 in the best available therapy group had an adverse event, most of which were mild or moderate in intensity. Gastrointestinal disorders were the most frequently reported treatment-emergent adverse events with both ceftazidime-avibactam (21 [13%] of 164 patients) and best available therapy (30 [18%] of 168 patients). No new safety concerns were identified for ceftazidime-avibactam. Interpretation These results provide evidence of the efficacy of ceftazidime-avibactam as a potential alternative to carbapenems in patients with ceftazidime-resistant Enterobacteriaceae and P aeruginosa. Funding AstraZeneca

    The PER model of abstract non-interference

    Abstract. In this paper, we study the relationship between two models of secure information flow: the PER model (which uses equivalence relations) and the abstract non-interference model (which uses upper closure operators). We embed the lattice of equivalence relations into the lattice of closures, re-interpreting abstract non-interference over the lattice of equivalence relations. For narrow abstract non-interference, we show non-interference it is strictly less general. The relational presentation of abstract non-interference leads to a simplified construction of the most concrete harmless attacker. Moreover, the PER model of abstract noninterference allows us to derive unconstrained attacker models, which do not necessarily either observe all public information or ignore all private information. Finally, we show how abstract domain completeness can be used for enforcing the PER model of abstract non-interference

    What is the prevalence of loneliness amongst older people living in residential and nursing care homes? A systematic review and meta-analysis

    Background the number of older people living in residential and nursing care homes is rising. Loneliness is a major problem for older people, but little is known about the prevalence of loneliness amongst older people living in care homes. Aim to undertake a systematic review of literature on the prevalence of moderate and severe loneliness amongst older people living in residential and nursing care homes. Design we systematically reviewed the databases Cumulative Index to Nursing and Allied Health Literature (CINAHL), MEDLINE, PsycINFO, Embase, Scopus, Cochrane and Allied and Complementary Medicine Database (AMED) from inception to January 2019. We included all studies reporting data on the prevalence of loneliness amongst older people living in care homes. A random-effects meta-analysis was conducted on all eligible data. Results a total of 13 articles were included, representing 5,115 participants (age range of 55–102 years, mean age 83.5 years, 68% female). There was a significant variation between studies in estimates of prevalence. The prevalence of moderate loneliness ranged from 31 to 100%, and the prevalence of severe loneliness ranged from 9 to 81%. The estimated mean prevalence of ‘moderate loneliness’ was 61% (95% confidence interval (CI): 0.41, 0.80). The estimated mean prevalence of ‘severe loneliness’ was 35% (95% CI: 0.14, 0.60). Conclusion the prevalence of both moderate loneliness and severe loneliness amongst care home residents is high enough to warrant concern. However, the significant variation in prevalence estimates warrants further research. Future studies should identify which interventions can address loneliness and promote meaningful social engagement to enhance quality of life in care homes

    Towards a Type System for Security APIs

    Abstract. Security API analysis typically only considers a subset of an API’s functions, with results bounded by the number of function calls. Furthermore, attacks involving partial leakage of sensitive information are usually not covered. Type-based static analysis has the potential to alleviate these shortcomings. To that end, we present a type system for secure information flow based upon the one of Volpano, Smith and Irvine [1], extended with types for cryptographic keys and ciphertext similar to those in Sumii and Pierce [2]. In contrast to some other type systems, the encryption and decryption of keys does not require special treatment. We show that a well-typed sequence of commands is non-interferent, based upon a definition of indistinguishability where, in certain circumstances, the adversary can distinguish between ciphertexts that correspond to encrypted public data.

    Circular and leakage resilient public-key encryption under subgroup indistinguishability (or: Quadratic residuosity strikes back)

    30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings. The main results of this work are new public-key encryption schemes that, under the quadratic residuosity (QR) assumption (or Paillier’s decisional composite residuosity (DCR) assumption), achieve key-dependent message security as well as high resilience to secret key leakage and high resilience to the presence of auxiliary input information. In particular, under what we call the subgroup indistinguishability assumption, of which the QR and DCR are special cases, we can construct a scheme that has: • Key-dependent message (circular) security. Achieves security even when encrypting affine functions of its own secret key (in fact, w.r.t. affine “key-cycles” of predefined length). Our scheme also meets the requirements for extending key-dependent message security to broader classes of functions beyond affine functions using previous techniques of Brakerski et al. or Barak et al. • Leakage resiliency. Remains secure even if any adversarial low-entropy (efficiently computable) function of the secret key is given to the adversary. A proper selection of parameters allows for a “leakage rate” of (1 − o(1)) of the length of the secret key. • Auxiliary-input security. Remains secure even if any sufficiently hard to invert (efficiently computable) function of the secret key is given to the adversary. Our scheme is the first to achieve key-dependent security and auxiliary-input security based on the DCR and QR assumptions. Previous schemes that achieved these properties relied either on the DDH or LWE assumptions. The proposed scheme is also the first to achieve leakage resiliency for leakage rate (1 − o(1)) of the secret key length, under the QR assumption. We note that leakage resilient schemes under the DCR and the QR assumptions, for the restricted case of composite modulus product of safe primes, were implied by the work of Naor and Segev, using hash proof systems. However, under the QR assumption, known constructions of hash proof systems only yield a leakage rate of o(1) of the secret key length. Microsoft Researc