
    Keyword-Based Delegable Proofs of Storage

    Cloud users (clients) with limited storage capacity at their end can outsource bulk data to a cloud storage server. A client can later access her data by downloading the required data files. However, a large fraction of the data files the client outsources to the server is often archival in nature: the client uses them for backup purposes and accesses them infrequently. An untrusted server can thus delete some of these archival data files in order to save space (and allocate it to other clients) without being detected by the client (data owner). Proofs of storage enable the client to audit her data files uploaded to the server in order to ensure the integrity of those files. In this work, we introduce one type of (selective) proofs of storage that we call keyword-based delegable proofs of storage, where the client wants to audit all her data files containing a specific keyword (e.g., "important"). Moreover, it satisfies the notion of public verifiability, where the client can delegate the auditing task to a third-party auditor who audits the set of files corresponding to the keyword on behalf of the client. We formally define the security of a keyword-based delegable proof-of-storage protocol. We construct such a protocol based on an existing proof-of-storage scheme and analyze the security of our protocol. We argue that the techniques we use can be applied atop any existing publicly verifiable proof-of-storage scheme for static data. Finally, we discuss the efficiency of our construction.
    Comment: A preliminary version of this work has been published in the International Conference on Information Security Practice and Experience (ISPEC 2018).

    A New Encoding Algorithm for a Multidimensional Version of the Montgomery Ladder

    We propose a new encoding algorithm for the simultaneous differential multidimensional scalar point multiplication algorithm d-MUL. Previous encoding algorithms are known to have major drawbacks in their efficient and secure implementation. Some of these drawbacks were avoided in a 2018 paper, at the cost of losing the general functionality of the point multiplication algorithm. In this paper, we address these issues. Our new encoding algorithm takes the binary representations of the scalars as input and constructs a compact binary sequence and a permutation, which explicitly determine a regular sequence of group operations to be performed in d-MUL. Our algorithm simply slides windows of size two over the scalars and is very efficient. As a result, while preserving the full generality of d-MUL, we eliminate the recursive integer matrix computations in the originally proposed encoding algorithms. We also expect that our new encoding algorithm will make it easier to implement d-MUL in constant time. Our results can be seen as the efficient and full generalization of the one-dimensional Montgomery ladder to arbitrary dimension.

    Supersingular isogeny key exchange for beginners

    This is an informal tutorial on the supersingular isogeny Diffie-Hellman protocol aimed at non-isogenists.

    Another Look at Some Isogeny Hardness Assumptions

    The security proofs for isogeny-based undeniable signature schemes have been based primarily on the assumptions that the One-Sided Modified SSCDH problem and the One-More SSCDH problem are intractable. We challenge the validity of these assumptions, showing that both the decisional and computational variants of these problems can be solved in polynomial time. We further demonstrate an attack, applicable to two undeniable signature schemes, one of which was proposed at PQCrypto 2014. The attack allows signatures to be forged in $2^{4\lambda/5}$ steps on a classical computer. This is an improvement over the expected classical security of $2^{\lambda}$, where $\lambda$ denotes the chosen security parameter.
    Cryptographers' Track at the RSA Conference, CT-RSA 2020; San Francisco; United States; 24 February 2020 through 28 February 2020. ISBN: 978-303040185-

    Anonymous Single-Sign-On for n designated services with traceability

    Anonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity, which has become more important with the introduction of strong privacy regulations. In this paper we describe a new approach whereby anonymous authentication to different verifiers is achieved via authorisation tags and pseudonyms. The particular innovation of our scheme is that authentication can only occur between a user and its designated verifier for a service, and the verification cannot be performed by any other verifier. The benefit of this authentication approach is that it prevents leakage of a user's service-access information, even if the verifiers for these services collude with each other. Our scheme also supports a trusted third party who is authorised to de-anonymise the user and reveal her entire service-access information if required. Furthermore, our scheme is lightweight because it does not rely on attribute- or policy-based signature schemes to enable access to multiple services. The scheme's security model is given together with a security proof, an implementation and a performance evaluation.
    Comment: 3

    Statistics for Fission-Track Thermochronology

    This chapter introduces statistical tools to extract geologically meaningful information from fission-track (FT) data using both the external detector and LA-ICP-MS methods. The spontaneous fission of ²³⁸U is a Poisson process resulting in large single-grain age uncertainties. To overcome this imprecision, it is nearly always necessary to analyse multiple grains per sample. The degree to which the analytical uncertainties can explain the observed scatter of the single-grain data can be visually assessed on a radial plot and objectively quantified by a chi-square test. For sufficiently low values of the chi-square statistic (or sufficiently high p values), the pooled age of all the grains gives a suitable description of the underlying 'true' age population. Samples may fail the chi-square test for several reasons. A first possibility is that the true age population does not consist of a single discrete age component, but is characterised by a continuous range of ages. In this case, a 'random effects' model can constrain the true age distribution using two parameters: the 'central age' and the '(over)dispersion'. A second reason why FT data sets might fail the chi-square test is that they are underlain by multimodal age distributions. Such distributions may consist of discrete age components, continuous age distributions, or a combination of the two. Formalised statistical tests such as chi-square can be useful in preventing overfitting of relatively small data sets. However, they should be used with caution when applied to large data sets (including length measurements), which generate sufficient statistical 'power' to reject any simple yet geologically plausible hypothesis.

    Rational isogenies from irrational endomorphisms

    In this paper, we introduce a polynomial-time algorithm to compute a connecting $\mathcal{O}$-ideal between two supersingular elliptic curves over $\mathbb{F}_p$ with common $\mathbb{F}_p$-endomorphism ring $\mathcal{O}$, given a description of their full endomorphism rings. This algorithm provides a reduction of the security of the CSIDH cryptosystem to the problem of computing endomorphism rings of supersingular elliptic curves. A similar reduction for SIDH appeared at Asiacrypt 2016, but relies on totally different techniques. Furthermore, we also show that any supersingular elliptic curve constructed using the complex-multiplication method can be located precisely in the supersingular isogeny graph by explicitly deriving a path to a known base curve. This result prohibits the use of such curves as a building block for a hash function into the supersingular isogeny graph.