ROYALE: A Framework for Universally Composable Card Games with Financial Rewards and Penalties Enforcement

While many tailor made card game protocols are known, the vast majority of those suffer from three main issues: lack of mechanisms for distributing financial rewards and punishing cheaters, lack of composability guarantees and little flexibility, focusing on the specific game of poker. Even though folklore holds that poker protocols can be used to play any card game, this conjecture remains unproven and, in fact, does not hold for a number of protocols (including recent results). We both tackle the problem of constructing protocols for general card games and initiate a treatment of such protocols in the Universal Composability (UC) framework, introducing an ideal functionality that captures general card games constructed from a set of core card operations. Based on this formalism, we introduce Royale, the first UC-secure general card games which supports financial rewards/penalties enforcement. We remark that Royale also yields the first UC-secure poker protocol. Interestingly, Royale performs better than most previous works (that do not have composability guarantees), which we highlight through a detailed concrete complexity analysis and benchmarks from a prototype implementation

Election Verifiability for Helios under Weaker Trust Assumptions

Most electronic voting schemes aim at providing verifiability: voters should trust the result without having to rely on some authorities. Actually, even a prominent voting system like Helios cannot fully achieve verifiability since a dishonest bulletin board may add ballots. This problem is called ballot stuffing. In this paper we give a definition of verifiability in the computational model to account for a malicious bulletin board that may add ballots. Next, we provide a generic construction that transforms a voting scheme that is verifiable against an honest bulletin board and an honest registration authority (weak verifiability) into a verifiable voting scheme under the weaker trust assumption that the registration authority and the bulletin board are not simultaneously dishonest (strong verifiability). This construction simply adds a registration authority that sends private credentials to the voters, and publishes the corresponding public credentials. We further provide simple and natural criteria that imply weak verifiability. As an application of these criteria, we formally prove the latest variant of Helios by Bernhard, Pereira and Warinschi weakly verifiable. By applying our generic construction we obtain a Helios-like scheme that has ballot privacy and strong verifiability (and thus prevents ballot stuffing). The resulting voting scheme, Helios-C, retains the simplicity of Helios and has been implemented and tested

Fast parallel algorithms for a broad class of nonlinear variational diffusion approaches

Variational segmentation and nonlinear diffusion approaches have been very active research areas in the fields of image processing and computer vision during the last years. In the present paper, we review recent advances in the development of efficient numerical algorithms for these approaches. The performance of parallel implement at ions of these algorithms on general-purpose hardware is assessed. A mathematically clear connection between variational models and nonlinear diffusion filters is presented that allows to interpret one approach as an approximation of the other, and vice versa. Numerical results confirm that, depending on the parametrization, this approximation can be made quite accurate. Our results provide a perspective for uniform implement at ions of both nonlinear variational models and diffusion filters on parallel architectures

A Machine-Checked Formalization of the Generic Model and the Random Oracle Model

Most approaches to the formal analyses of cryptographic protocols make the perfect cryptography assumption, i.e. the hypothese that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to rely on a weaker hypothesis on the computational cost of gaining information about the plaintext pertaining to a ciphertext without knowing the key. Such a view is permitted by the Generic Model and the Random Oracle Model which provide non-standard computational models in which one may reason about the computational cost of breaking a cryptographic scheme. Using the proof assistant Coq, we provide a machine-checked account of the Generic Model and the Random Oracle Mode

On the relation of optical obscuration and X-ray absorption in Seyfert galaxies

The optical classification of a Seyfert galaxy and whether it is considered X-ray absorbed are often used interchangeably. But there are many borderline cases and also numerous examples where the optical and X-ray classifications appear to be in conflict. In this article we re-visit the relation between optical obscuration and X-ray absorption in AGNs. We make use of our "dust color" method (Burtscher et al. 2015) to derive the optical obscuration A_V and consistently estimated X-ray absorbing columns using 0.3--150 keV spectral energy distributions. We also take into account the variable nature of the neutral gas column N_H and derive the Seyfert sub-classes of all our objects in a consistent way. We show in a sample of 25 local, hard-X-ray detected Seyfert galaxies (log L_X / (erg/s) ~ 41.5 - 43.5) that there can actually be a good agreement between optical and X-ray classification. If Seyfert types 1.8 and 1.9 are considered unobscured, the threshold between X-ray unabsorbed and absorbed should be chosen at a column N_H = 10^22.3 / cm^2 to be consistent with the optical classification. We find that N_H is related to A_V and that the N_H/A_V ratio is approximately Galactic or higher in all sources, as indicated previously. But in several objects we also see that deviations from the Galactic ratio are only due to a variable X-ray column, showing that (1) deviations from the Galactic N_H/A_V can simply be explained by dust-free neutral gas within the broad line region in some sources, that (2) the dust properties in AGNs can be similar to Galactic dust and that (3) the dust color method is a robust way to estimate the optical extinction towards the sublimation radius in all but the most obscured AGNs.Comment: 7 pages, 3 figures, accepted for publication by A&A; updated PDF to include abstrac

A Tale of Three Signatures: practical attack of ECDSA with wNAF

One way of attacking ECDSA with wNAF implementation for the scalar multiplication is to perform a side-channel analysis to collect information, then use a lattice based method to recover the secret key. In this paper, we reinvestigate the construction of the lattice used in one of these methods, the Extended Hidden Number Problem (EHNP). We find the secret key with only 3 signatures, thus reaching the theoretical bound given by Fan, Wang and Cheng, whereas best previous methods required at least 4 signatures in practice. Our attack is more efficient than previous attacks, in particular compared to times reported by Fan et al. at CCS 2016 and for most cases, has better probability of success. To obtain such results, we perform a detailed analysis of the parameters used in the attack and introduce a preprocessing method which reduces by a factor up to 7 the overall time to recover the secret key for some parameters. We perform an error resilience analysis which has never been done before in the setup of EHNP. Our construction is still able to find the secret key with a small amount of erroneous traces, up to 2% of false digits, and 4% with a specific type of error. We also investigate Coppersmith's methods as a potential alternative to EHNP and explain why, to the best of our knowledge, EHNP goes beyond the limitations of Coppersmith's methods

Amplification by stochastic interference

A new method is introduced to obtain a strong signal by the interference of weak signals in noisy channels. The method is based on the interference of 1/f noise from parallel channels. One realization of stochastic interference is the auditory nervous system. Stochastic interference may have broad potential applications in the information transmission by parallel noisy channels

Solving the Shortest Vector Problem in Lattices Faster Using Quantum Search

By applying Grover's quantum search algorithm to the lattice algorithms of Micciancio and Voulgaris, Nguyen and Vidick, Wang et al., and Pujol and Stehl\'{e}, we obtain improved asymptotic quantum results for solving the shortest vector problem. With quantum computers we can provably find a shortest vector in time $2^{1.799n + o(n)}$, improving upon the classical time complexity of $2^{2.465n + o(n)}$ of Pujol and Stehl\'{e} and the $2^{2n + o(n)}$ of Micciancio and Voulgaris, while heuristically we expect to find a shortest vector in time $2^{0.312n + o(n)}$, improving upon the classical time complexity of $2^{0.384n + o(n)}$ of Wang et al. These quantum complexities will be an important guide for the selection of parameters for post-quantum cryptosystems based on the hardness of the shortest vector problem.Comment: 19 page

Obscuration in AGNs: near-infrared luminosity relations and dust colors

We combine two approaches to isolate the AGN luminosity at near-infrared wavelengths and relate the near-IR pure AGN luminosity to other tracers of the AGN. Using integral-field spectroscopic data of an archival sample of 51 local AGNs, we estimate the fraction of non-stellar light by comparing the nuclear equivalent width of the stellar 2.3 micron CO absorption feature with the intrinsic value for each galaxy. We compare this fraction to that derived from a spectral decomposition of the integrated light in the central arc second and find them to be consistent with each other. Using our estimates of the near-IR AGN light, we find a strong correlation with presumably isotropic AGN tracers. We show that a significant offset exists between type 1 and type 2 sources in the sense that type 1 sources are 7 (10) times brighter in the near-IR at log L_MIR = 42.5 (log L_X = 42.5). These offsets only becomes clear when treating infrared type 1 sources as type 1 AGNs. All AGNs have very red near-to-mid-IR dust colors. This, as well as the range of observed near-IR temperatures, can be explained with a simple model with only two free parameters: the obscuration to the hot dust and the ratio between the warm and hot dust areas. We find obscurations of A_V (hot) = 5 - 15 mag for infrared type 1 sources and A_V (hot) = 15 - 35 mag for type 2 sources. The ratio of hot dust to warm dust areas of about 1000 is nicely consistent with the ratio of radii of the respective regions as found by infrared interferometry.Comment: 17 pages, 10 Figures, 3 Tables, accepted by A&