Discrete Logarithms in Generalized Jacobians
Déchène has proposed generalized Jacobians as a source of groups for
public-key cryptosystems based on the hardness of the Discrete Logarithm
Problem (DLP). Her specific proposal gives rise to a group isomorphic to the
semidirect product of an elliptic curve and a multiplicative group of a finite
field. We explain why her proposal has no advantages over simply taking the
direct product of groups. We then argue that generalized Jacobians offer poorer
security and efficiency than standard Jacobians.
Finding Significant Fourier Coefficients: Clarifications, Simplifications, Applications and Limitations
Ideas from Fourier analysis have been used in cryptography for the last three
decades. Akavia, Goldwasser and Safra unified some of these ideas to give a
complete algorithm that finds significant Fourier coefficients of functions on
any finite abelian group. Their algorithm stimulated a lot of interest in the
cryptography community, especially in the context of `bit security'. This
manuscript attempts to be a friendly and comprehensive guide to the tools and
results in this field. The intended readership is cryptographers who have heard
about these tools and seek an understanding of their mechanics and their
usefulness and limitations. A compact overview of the algorithm is presented
with emphasis on the ideas behind it. We show how these ideas can be extended
to a `modulus-switching' variant of the algorithm. We survey some applications
of this algorithm, and explain that several results should be taken in the
right context. In particular, we point out that some of the most important bit
security problems are still open. Our original contributions include: a
discussion of the limitations on the usefulness of these tools; an answer to an
open question about the modular inversion hidden number problem.
Distortion maps for genus two curves
Distortion maps are a useful tool for pairing based cryptography. Compared
with elliptic curves, the case of hyperelliptic curves of genus g > 1 is more
complicated since the full torsion subgroup has rank 2g. In this paper we prove
that distortion maps always exist for supersingular curves of genus g>1 and we
construct distortion maps in genus 2 (for embedding degrees 4, 5, 6 and 12).
Comment: 16 page
Medical education on fitness to drive : a survey of all UK medical schools
Aim: To identify the extent to which medical aspects of fitness to drive (FTD) are taught within UK medical schools.
Methods: A survey of all 32 UK medical schools. In-depth interviews with a range of staff at two medical schools; telephone survey of 30 schools.
Results: Two thirds of schools reported specific teaching on medical aspects of FTD but few covered it in any depth or in relation to specific medical conditions. Only one school taught FTD in relation to elderly medicine. FTD was an examination topic at only 12 schools.
Conclusion: Teaching on FTD is inconsistent across UK medical schools. Many new doctors will graduate with limited knowledge of medical aspects of FTD.
Efficient algorithms for pairing-based cryptosystems
We describe fast new algorithms to implement recent cryptosystems based on the Tate pairing. In particular, our techniques improve pairing evaluation speed by a factor of about 55 compared to previously known methods in characteristic 3, and attain performance comparable to that of RSA in larger characteristics. We also propose faster algorithms for scalar multiplication in characteristic 3 and square root extraction over F_{p^m}, the latter technique being also useful in contexts other than that of pairing-based cryptography.
Keyword-Based Delegable Proofs of Storage
Cloud users (clients) with limited storage capacity at their end can
outsource bulk data to the cloud storage server. A client can later access her
data by downloading the required data files. However, a large fraction of the
data files the client outsources to the server is often archival in nature that
the client uses for backup purposes and accesses less frequently. An untrusted
server can thus delete some of these archival data files in order to save some
space (and allocate the same to other clients) without being detected by the
client (data owner). Proofs of storage enable the client to audit her data
files uploaded to the server in order to ensure the integrity of those files.
In this work, we introduce one type of (selective) proofs of storage that we
call keyword-based delegable proofs of storage, where the client wants to audit
all her data files containing a specific keyword (e.g., "important"). Moreover,
it satisfies the notion of public verifiability where the client can delegate
the auditing task to a third-party auditor who audits the set of files
corresponding to the keyword on behalf of the client. We formally define the
security of a keyword-based delegable proof-of-storage protocol. We construct
such a protocol based on an existing proof-of-storage scheme and analyze the
security of our protocol. We argue that the techniques we use can be applied
atop any existing publicly verifiable proof-of-storage scheme for static data.
Finally, we discuss the efficiency of our construction.
Comment: A preliminary version of this work has been published in
International Conference on Information Security Practice and Experience
(ISPEC 2018
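To make the audit idea in the abstract concrete, here is an added toy example (it is not the paper's construction and makes no claim about its scheme): the client keeps one Merkle root and block count per outsourced file plus a keyword index; for a keyword it hands a third-party auditor only the roots and sizes of the matching files, so verification needs no client secret; the auditor challenges the server on random block indices and checks the returned blocks and authentication paths against the roots. A file the server has deleted cannot be answered for, and a corrupted block fails the path check. The file names and contents are constructed sample data.

```python
import hashlib
import secrets
from typing import Dict, List, Tuple

BLOCK_SIZE = 32          # bytes per Merkle leaf; small so the sample spans several blocks
PathElem = Tuple[bytes, int]  # (sibling hash, position of current node: 0 left, 1 right)


def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def split_blocks(data: bytes) -> List[bytes]:
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)] or [b""]


def _levels(blocks: List[bytes]) -> List[List[bytes]]:
    """Tree levels, leaves first; an odd level is padded by repeating its last node."""
    level = [_h(b"\x00", b) for b in blocks]  # 0x00/0x01 prefixes separate leaves from inner nodes
    levels = [level]
    while len(level) > 1:
        level = level + [level[-1]] if len(level) % 2 else level
        level = [_h(b"\x01", level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def merkle_root(blocks: List[bytes]) -> bytes:
    return _levels(blocks)[-1][0]


def merkle_path(blocks: List[bytes], index: int) -> List[PathElem]:
    path, idx = [], index
    for level in _levels(blocks)[:-1]:
        level = level + [level[-1]] if len(level) % 2 else level
        path.append((level[idx ^ 1], idx & 1))
        idx //= 2
    return path


def verify_block(root: bytes, block: bytes, path: List[PathElem]) -> bool:
    node = _h(b"\x00", block)
    for sibling, pos in path:
        node = _h(b"\x01", node, sibling) if pos == 0 else _h(b"\x01", sibling, node)
    return node == root


class Server:
    """Untrusted storage; delete() and corrupt() model the misbehaviour an audit must catch."""

    def __init__(self) -> None:
        self.files: Dict[str, bytes] = {}

    def store(self, name: str, data: bytes) -> None:
        self.files[name] = data

    def delete(self, name: str) -> None:
        self.files.pop(name, None)

    def corrupt(self, name: str) -> None:
        self.files[name] = bytes(b ^ 0xFF for b in self.files[name])

    def respond(self, name: str, indices: List[int]):
        """Answer a challenge with the requested blocks and their authentication paths."""
        data = self.files.get(name)
        if data is None:
            return None
        blocks = split_blocks(data)
        return [(i, blocks[i], merkle_path(blocks, i)) for i in indices]


class Client:
    def __init__(self) -> None:
        self.meta: Dict[str, Tuple[bytes, int]] = {}  # file -> (Merkle root, block count)
        self.index: Dict[str, set] = {}               # keyword -> file names

    def outsource(self, server: Server, name: str, data: bytes, keywords) -> None:
        blocks = split_blocks(data)
        self.meta[name] = (merkle_root(blocks), len(blocks))
        for kw in keywords:
            self.index.setdefault(kw, set()).add(name)
        server.store(name, data)

    def delegate(self, keyword: str) -> Dict[str, Tuple[bytes, int]]:
        """Verification data for one keyword's files: roots and sizes, no client secret."""
        return {n: self.meta[n] for n in sorted(self.index.get(keyword, ()))}


def audit(server: Server, delegated: Dict[str, Tuple[bytes, int]], per_file: int = 3) -> Dict[str, bool]:
    """Third-party auditor: random block challenges, checked against the roots only."""
    results = {}
    for name, (root, n_blocks) in delegated.items():
        indices = sorted({secrets.randbelow(n_blocks) for _ in range(per_file)})
        resp = server.respond(name, indices)
        results[name] = resp is not None and len(resp) == len(indices) and all(
            i == j and verify_block(root, block, path)
            for j, (i, block, path) in zip(indices, resp))
    return results


def demo() -> Dict[str, bool]:
    """Constructed sample (hypothetical names): three files tagged 'important', one not.
    The server deletes one archival file and silently corrupts another."""
    server, client = Server(), Client()
    client.outsource(server, "photos.zip", b"P" * 150, ["important", "archive"])
    client.outsource(server, "backup.tar", b"B" * 300, ["important", "archive"])
    client.outsource(server, "tax-2017.pdf", b"T" * 100, ["important"])
    client.outsource(server, "notes.txt", b"N" * 50, ["misc"])
    server.delete("backup.tar")
    server.corrupt("tax-2017.pdf")
    return audit(server, client.delegate("important"))
```

Two caveats a practitioner should keep in mind with this toy: the auditor sees the challenged block contents, so it is not privacy-preserving towards the third party, and responses grow with the number of challenged blocks, whereas the homomorphic-tag schemes the abstract refers to aim at compact responses. Raising per_file raises the probability that a partially corrupted file is caught; deletion is caught on the first challenge.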
Rapid coastal deoxygenation due to ocean circulation shift in the NW Atlantic.
Global observations show that the ocean lost approximately 2% of its oxygen inventory over the last five decades 1-3, with important implications for marine ecosystems 4, 5. The rate of change varies, with northwest Atlantic coastal waters showing a long-term drop 6, 7 that vastly outpaces the global and North Atlantic basin mean deoxygenation rates 5, 8. However, past work has been unable to resolve mechanisms of large-scale climate forcing from local processes. Here, we use hydrographic evidence to show a Labrador Current retreat is playing a key role in the deoxygenation on the northwest Atlantic shelf. A high-resolution global coupled climate-biogeochemistry model 9 reproduces the observed decline of saturation oxygen concentrations in the region, driven by a retreat of the equatorward-flowing Labrador Current and an associated shift toward more oxygen-poor subtropical waters on the shelf. The dynamical changes underlying the shift in shelf water properties are correlated with a slowdown in the simulated Atlantic Meridional Overturning Circulation 10. Our results provide strong evidence that a major, centennial-scale change of the Labrador Current is underway, and highlight the potential for ocean dynamics to impact coastal deoxygenation over the coming century.
Turbulent nitrate fluxes in the Lower St. Lawrence Estuary, Canada
Turbulent vertical nitrate fluxes were calculated using new turbulent microstructure observations in the Lower St. Lawrence Estuary (LSLE), Canada. Two stations were compared: the head of the Laurentian Channel (HLC), where intense mixing occurs on the shallow sill that marks the upstream limit of the LSLE, and another station located about 100 km downstream (St. 23), more representative of the LSLE mean mixing conditions. Mean turbulent diffusivities and nitrate fluxes at the base of the surface layer for both stations were, respectively (with 95% confidence intervals): inline image and inline image. Observations suggest that the interplay between large isopleth heaving near the sill and strong turbulence is the key mechanism to sustain such high turbulent nitrate fluxes at the HLC (two to three orders of magnitude higher than those at Station 23). Calculations also suggest that nitrate fluxes at the HLC alone can sustain primary production rates of inline image over the whole LSLE, approximately enough to account for a large part of the phytoplankton bloom and for most of the postbloom production. Surfacing nitrates are also believed to be consumed within the LSLE, leaving little to be exported to the rest of the Gulf of St. Lawrence.
Anonymous Single-Sign-On for n designated services with traceability
Anonymous Single-Sign-On authentication schemes have been proposed to allow
users to access a service protected by a verifier without revealing their
identity, which has become more important due to the introduction of strong
privacy regulations. In this paper we describe a new approach whereby anonymous
authentication to different verifiers is achieved via authorisation tags and
pseudonyms. The particular innovation of our scheme is that authentication can
only occur between a user and its designated verifier for a service, and the
verification cannot be performed by any other verifier. The benefit of this
authentication approach is that it prevents information leakage of a user's
service access information, even if the verifiers for these services collude
with each other. Our scheme also supports a trusted third party who is
authorised to de-anonymise the user and reveal her whole service access
information if required. Furthermore, our scheme is lightweight because it does
not rely on attribute- or policy-based signature schemes to enable access to
multiple services. The scheme's security model is given together with a
security proof, an implementation and a performance evaluation.
Comment: 3
