Keys in the Clouds: Auditable Multi-device Access to Cryptographic Credentials

Personal cryptographic keys are the foundation of many secure services, but storing these keys securely is a challenge, especially if they are used from multiple devices. Storing keys in a centralized location, like an Internet-accessible server, raises serious security concerns (e.g. server compromise). Hardware-based Trusted Execution Environments (TEEs) are a well-known solution for protecting sensitive data in untrusted environments, and are now becoming available on commodity server platforms. Although the idea of protecting keys using a server-side TEE is straight-forward, in this paper we validate this approach and show that it enables new desirable functionality. We describe the design, implementation, and evaluation of a TEE-based Cloud Key Store (CKS), an online service for securely generating, storing, and using personal cryptographic keys. Using remote attestation, users receive strong assurance about the behaviour of the CKS, and can authenticate themselves using passwords while avoiding typical risks of password-based authentication like password theft or phishing. In addition, this design allows users to i) define policy-based access controls for keys; ii) delegate keys to other CKS users for a specified time and/or a limited number of uses; and iii) audit all key usages via a secure audit log. We have implemented a proof of concept CKS using Intel SGX and integrated this into GnuPG on Linux and OpenKeychain on Android. Our CKS implementation performs approximately 6,000 signature operations per second on a single desktop PC. The latency is in the same order of magnitude as using locally-stored keys, and 20x faster than smart cards.Comment: Extended version of a paper to appear in the 3rd Workshop on Security, Privacy, and Identity Management in the Cloud (SECPID) 201

Mitigating Branch-Shadowing Attacks on Intel SGX using Control Flow Randomization

Intel Software Guard Extensions (SGX) is a promising hardware-based technology for protecting sensitive computations from potentially compromised system software. However, recent research has shown that SGX is vulnerable to branch-shadowing -- a side channel attack that leaks the fine-grained (branch granularity) control flow of an enclave (SGX protected code), potentially revealing sensitive data to the attacker. The previously-proposed defense mechanism, called Zigzagger, attempted to hide the control flow, but has been shown to be ineffective if the attacker can single-step through the enclave using the recent SGX-Step framework. Taking into account these stronger attacker capabilities, we propose a new defense against branch-shadowing, based on control flow randomization. Our scheme is inspired by Zigzagger, but provides quantifiable security guarantees with respect to a tunable security parameter. Specifically, we eliminate conditional branches and hide the targets of unconditional branches using a combination of compile-time modifications and run-time code randomization. We evaluated the performance of our approach by measuring the run-time overhead of ten benchmark programs of SGX-Nbench in SGX environment

Casual Sexual Scripts on the Screen

While existing content analyses have provided insightful information in terms of contextual factors and frequency of sexual behaviors, not much is known about the relational context in which sexual depictions generally occur. The current study addresses this void by employing content analytic methods to measure the frequency and context o

A tale of two worlds:assessing the vulnerability of enclave shielding runtimes

status: publishe

A label-free biosensor based on graphene and reduced graphene oxide dual-layer for electrochemical determination of beta-amyloid biomarkers

A label-free biosensor is developed for the determination of plasma-based Aβ1–42 biomarker in Alzheimer’s disease (AD). The platform is based on highly conductive dual-layer of graphene and electrochemically reduced graphene oxide (rGO). The modification of dual-layer with 1-pyrenebutyric acid N-hydroxysuccinimide ester (Pyr-NHS) is achieved to facilitate immobilization of H31L21 antibody. The effect of these modifications were studied with morphological, spectral and electrochemical techniques. The response of the biosensor was evaluated using differential pulse voltammetry (DPV). The data was acquired at a working potential of ~ 180 mV and a scan rate of 50 mV s−1. A low limit of detection (LOD) of 2.398 pM is achieved over a wide linear range from 11 pM to 55 nM. The biosensor exhibits excellent specificity over Aβ1–40 and ApoE ε4 interfering species. Thus, it provides a viable tool for electrochemical determination of Aβ1–42. Spiked human and mice plasmas were used for the successful validation of the sensing platform in bio-fluidic samples. The results obtained from mice plasma analysis concurred with the immunohistochemistry (IHC) and magnetic resonance imaging (MRI) data obtained from brain analysis.This work was financially supported by H2020 MSCA-ITN-ETN BBDiag project under grant no. 721281.Peer reviewe

Consumption patterns and living conditions inside Het Steen, the late medieval prison of Malines (Mechelen, Belgium)

Excavations at the Main Square (Grote Markt) of Malines (Mechelen, Belgium) have unearthed the building remains of a tower, arguably identifiable as the former town prison: Het Steen. When this assumption is followed, the contents of the fills of two cesspits dug out in the cellars of the building illustrate aspects of daily life within the early 14th-century prison. An integrated approach of all find categories, together with the historical context available, illuminates aspects of the material culture of the users of the cesspits, their consumption patterns and the living conditions within the building

ROBO2 is a stroma suppressor gene in the pancreas and acts via TGF-β signalling.

Whereas genomic aberrations in the SLIT-ROBO pathway are frequent in pancreatic ductal adenocarcinoma (PDAC), their function in the pancreas is unclear. Here we report that in pancreatitis and PDAC mouse models, epithelial Robo2 expression is lost while Robo1 expression becomes most prominent in the stroma. Cell cultures of mice with loss of epithelial Robo2 (Pdx1Cre;Robo2F/F) show increased activation of Robo1+ myofibroblasts and induction of TGF-β and Wnt pathways. During pancreatitis, Pdx1Cre;Robo2F/F mice present enhanced myofibroblast activation, collagen crosslinking, T-cell infiltration and tumorigenic immune markers. The TGF-β inhibitor galunisertib suppresses these effects. In PDAC patients, ROBO2 expression is overall low while ROBO1 is variably expressed in epithelium and high in stroma. ROBO2low;ROBO1high patients present the poorest survival. In conclusion, Robo2 acts non-autonomously as a stroma suppressor gene by restraining myofibroblast activation and T-cell infiltration. ROBO1/2 expression in PDAC patients may guide therapy with TGF-β inhibitors or other stroma /immune modulating agents

ROBO2 is a stroma suppressor gene in the pancreas and acts via TGF-β signalling

Whereas genomic aberrations in the SLIT-ROBO pathway are frequent in pancreatic ductal adenocarcinoma (PDAC), their function in the pancreas is unclear. Here we report that in pancreatitis and PDAC mouse models, epithelial Robo2 expression is lost while Robo1 expression becomes most prominent in the stroma. Cell cultures of mice with loss of epithelial Robo2 (Pdx1 ;Robo2 ) show increased activation of Robo1 myofibroblasts and induction of TGF-β and Wnt pathways. During pancreatitis, Pdx1 ;Robo2 mice present enhanced myofibroblast activation, collagen crosslinking, T-cell infiltration and tumorigenic immune markers. The TGF-β inhibitor galunisertib suppresses these effects. In PDAC patients, ROBO2 expression is overall low while ROBO1 is variably expressed in epithelium and high in stroma. ROBO2 ;ROBO1 patients present the poorest survival. In conclusion, Robo2 acts non-autonomously as a stroma suppressor gene by restraining myofibroblast activation and T-cell infiltration. ROBO1/2 expression in PDAC patients may guide therapy with TGF-β inhibitors or other stroma /immune modulating agents

Television viewing and sleep are associated with overweight among urban and semi-urban South Indian children

This is an Open Access article distributed under the terms of the Creative Commons Attribution Licens

Effects of tv time and other sedentary pursuits

Television (TV) viewing is the dominant recreational pastime at all ages, especially for children and adolescents. Many studies have shown that higher TV viewing hours are associated with higher body mass index (BMI), lower levels of fitness and higher blood cholesterol levels. Although the effect size estimated from observational studies is small (with TV viewing explaining very little of the variance in BMI), the results of intervention studies show large effect sizes. The potential mediators of the effect of higher TV viewing on higher BMI include less time for physical activity, reduced resting metabolic rate (for which there is little supporting evidence) and increased energy intake (from more eating while watching TV and a greater exposure to marketing of energy dense foods). Electronic games may have an effect on unhealthy weight gain, but are less related to increased energy intake and their usage is relatively new, making effect size difficult to determine. Thus, TV viewing does not explain much of the differences in body size between individuals or the rise in obesity over time, perhaps because of the uniformly high, but relatively stable, TV viewing hours. Reducing TV viewing hours is a difficult prospect because potential actions, such as social marketing and education, are likely to be relatively weak interventions, although the evidence would suggest that, if viewing could be reduced, it could have a significant impact on reducing obesity prevalence. Regulations to reduce the heavy marketing of energy dense foods and beverages on TV may be the most effective public health measure available to minimize the impact of TV viewing on unhealthy weight gain.<br /