
    Atomic Information Disclosure of Off-Chained Computations Using Threshold Encryption

    Public Blockchains on their own are, by definition, incapable of keeping data private and disclosing it at a later time. Control over the eventual disclosure of private data must be maintained outside a Blockchain by withholding and later publishing encryption keys, for example. We propose the Atomic Information Disclosure (AID) pattern based on threshold encryption that allows a set of key holders to govern the release of data without having access to it. We motivate this pattern with problems that require independently reproduced solutions. By keeping submissions private until a deadline expires, participants are unable to plagiarise and must therefore generate their own solutions which can then be aggregated and analysed to determine a final answer. We outline the importance of a game-theoretically sound incentive scheme, possible attacks, and other future work.

    PRCash: Fast, Private and Regulated Transactions for Digital Currencies

    Decentralized cryptocurrencies based on blockchains provide attractive features, including user privacy and system transparency, but lack active control of money supply and capabilities for regulatory oversight, both existing features of modern monetary systems. These limitations are critical, especially if the cryptocurrency is to replace, or complement, existing fiat currencies. Centralized cryptocurrencies, on the other hand, provide controlled supply of money, but lack transparency and transferability. Finally, they provide only limited privacy guarantees, as they do not offer recipient anonymity or payment value secrecy. We propose a novel digital currency, called PRCash, where the control of money supply is centralized, money is represented as value-hiding transactions for transferability and improved privacy, and transactions are verified in a distributed manner and published to a public ledger for verifiability and transparency. Strong privacy and regulation are seemingly conflicting features, but we overcome this technical problem with a new regulation mechanism based on zero-knowledge proofs. Our implementation and evaluation shows that payments are fast and large-scale deployments practical. PRCash is the first digital currency to provide control of money supply, transparency, regulation, and privacy at the same time, and thus make its adoption as a fiat currency feasible.

    Boomerang: Redundancy Improves Latency and Throughput in Payment-Channel Networks

    In multi-path routing schemes for payment-channel networks, Alice transfers funds to Bob by splitting them into partial payments and routing them along multiple paths. Undisclosed channel balances and mismatched transaction fees cause delays and failures on some payment paths. For atomic transfer schemes, these straggling paths stall the whole transfer. We show that the latency of transfers reduces when redundant payment paths are added. This frees up liquidity in payment channels and hence increases the throughput of the network. We devise Boomerang, a generic technique to be used on top of multi-path routing schemes to construct redundant payment paths free of counterparty risk. In our experiments, applying Boomerang to a baseline routing scheme leads to 40% latency reduction and 2x throughput increase. We build on ideas from publicly verifiable secret sharing, such that Alice learns a secret of Bob iff Bob overdraws funds from the redundant paths. Funds are forwarded using Boomerang contracts, which allow Alice to revert the transfer iff she has learned Bob's secret. We implement the Boomerang contract in Bitcoin Script.

    Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes are expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a single light-weight scheme which outperforms the others. Using extensive simulation results over real Internet topologies, we demonstrate that our scheme is scalable to very large networks, with up to millions of nodes. The second model we consider is the malicious peers model, where peers can behave arbitrarily, deliberately trying to affect the results of the computation as well as compromising the privacy of other peers. For this model we provide a fourth scheme to defend the execution of the computation against the malicious peers. The proposed scheme has a higher complexity relative to the semi-honest model. Overall, we provide the Peer-to-Peer network designer a set of tools to choose from, based on the desired level of security.
    Comment: Submitted to Peer-to-Peer Networking and Applications Journal (PPNA) 200

    Blind Password Registration for Two-Server Password Authenticated Key Exchange and Secret Sharing Protocols

    Many organisations enforce policies on the length and formation of passwords to encourage selection of strong passwords and protect their multi-user systems. For Two-Server Password Authenticated Key Exchange (2PAKE) and Two-Server Password Authenticated Secret Sharing (2PASS) protocols, where the password chosen by the client is secretly shared between the two servers, the initial remote registration of policy-compliant passwords represents a major problem because none of the servers is supposed to know the password in clear. We solve this problem by introducing Two-Server Blind Password Registration (2BPR) protocols that can be executed between a client and the two servers as part of the remote registration procedure. 2BPR protocols guarantee that secret shares sent to the servers belong to a password that matches their combined password policy and that the plain password remains hidden from any attacker that is in control of at most one server. We propose a security model for 2BPR protocols capturing the requirements of policy compliance for client passwords and their blindness against the servers. Our model extends the adversarial setting of 2PAKE/2PASS protocols to the registration phase and hence closes the gap in the formal treatment of such protocols. We construct an efficient 2BPR protocol for ASCII-based password policies, prove its security in the standard model, give a proof of concept implementation, and discuss its performance.

    Heterogeneity in glucose response curves during an oral glucose tolerance test and associated cardiometabolic risk

    We aimed to examine heterogeneity in glucose response curves during an oral glucose tolerance test with multiple measurements and to compare cardiometabolic risk profiles between identified glucose response curve groups. We analyzed data from 1,267 individuals without diabetes from five studies in Denmark, the Netherlands and the USA. Each study included between 5 and 11 measurements at different time points during a 2-h oral glucose tolerance test, resulting in 9,602 plasma glucose measurements. Latent class trajectories with a cubic specification for time were fitted to identify different patterns of plasma glucose change during the oral glucose tolerance test. Cardiometabolic risk factor profiles were compared between the identified groups. Using latent class trajectory analysis, five glucose response curves were identified. Despite similar fasting and 2-h values, glucose peaks and peak times varied greatly between groups, ranging from 7-12 mmol/L, and 35-70 min. The group with the lowest and earliest plasma glucose peak had the lowest estimated cardiovascular risk, while the group with the most delayed plasma glucose peak and the highest 2-h value had the highest estimated risk. One group, with normal fasting and 2-h values, exhibited an unusual profile, with the highest glucose peak and the highest proportion of smokers and men. The heterogeneity in glucose response curves and the distinct cardiometabolic risk profiles may reflect different underlying physiologies. Our results warrant more detailed studies to identify the source of the heterogeneity across the different phenotypes and whether these differences play a role in the development of type 2 diabetes and cardiovascular disease.

    Privacy-Preserving Observation in Public Spaces

    One method of privacy-preserving accounting or billing in cyber-physical systems, such as electronic toll collection or public transportation ticketing, is to have the user present an encrypted record of transactions and perform the accounting or billing computation securely on them. Honesty of the user is ensured by spot checking the record for some selected surveyed transactions. But how much privacy does that give the user, i.e. how many transactions need to be surveyed? It turns out that due to collusion in mass surveillance all transactions need to be observed, i.e. this method of spot checking provides no privacy at all. In this paper we present a cryptographic solution to the spot checking problem in cyber-physical systems. Users carry an authentication device that authenticates only based on fair random coins. The probability can be set high enough to allow for spot checking, but in all other cases privacy is perfectly preserved. We analyze our protocol for computational efficiency and show that it can be efficiently implemented even on platforms with limited computing resources, such as smart cards and smart phones.

    Use of selective serotonin reuptake inhibitors and risk of re-operation due to post-surgical bleeding in breast cancer patients: a Danish population-based cohort study

    Abstract
    Background: Selective serotonin reuptake inhibitors (SSRI) decrease platelet-function, which suggests that SSRI use may increase the risk of post-surgical bleeding. Few studies have investigated this potential association.
    Methods: We conducted a population-based study of the risk of re-operation due to post-surgical bleeding within two weeks of primary surgery among Danish women with primary breast cancer. Patients were categorised according to their use of SSRI: never users, current users (SSRI prescription within 30 days of initial breast cancer surgery), and former users (SSRI prescription more than 30 days before initial breast cancer surgery). We calculated the risk of re-operation due to post-surgical bleeding within 14 days of initial surgery, and the relative risk (RR) of re-operation comparing SSRI users with never users of SSRI adjusting for potential confounders.
    Results: 389 of 14,464 women (2.7%) were re-operated. 1592 (11%) had a history of SSRI use. Risk of re-operation was 2.6% among never users, 7.0% among current SSRI users, and 2.7% among former users. Current users thus had an increased risk of re-operation due to post-operative bleeding (adjusted relative risk = 2.3; 95% confidence interval (CI) = 1.4, 3.9) compared with never users. There was no increased risk of re-operation associated with former use of SSRI (RR = 0.93, 95% CI = 0.66, 1.3).
    Conclusions: Current use of SSRI is associated with an increased risk of re-operation due to bleeding after surgery for breast cancer.