Efficient selective identity-based encryption without random oracles

We construct two efficient Identity-Based Encryption (IBE) systems that admit selective-identity security reductions without random oracles in groups equipped with a bilinear map. Selective-identity secure IBE is a slightly weaker security model than the standard security model for IBE. In this model the adversary must commit ahead of time to the identity that it intends to attack, whereas in an adaptive-identity attack the adversary is allowed to choose this identity adaptively. Our first system—BB1—is based on the well studied decisional bilinear Diffie–Hellman assumption, and extends naturally to systems with hierarchical identities, or HIBE. Our second system—BB2—is based on a stronger assumption which we call the Bilinear Diffie–Hellman Inversion assumption and provides another approach to building IBE systems. Our first system, BB1, is very versatile and well suited for practical applications: the basic hierarchical construction can be efficiently secured against chosen-ciphertext attacks, and further extended to support efficient non-interactive threshold decryption, among others, all without using random oracles. Both systems, BB1 and BB2, can be modified generically to provide “full” IBE security (i.e., against adaptive-identity attacks), either using random oracles, or in the standard model at the expense of a non-polynomial but easy-to-compensate security reduction.

Hidden credential retrieval from a reusable password

We revisit the venerable question of access credentials management, which concerns the techniques that we, humans with limited memory, must employ to safeguard our various access keys and tokens in a connected world. Although many existing solutions can be employed to protect a long secret using a short password, those solutions typically require certain assumptions on the distribution of the secret and/or the password, and are helpful against only a subset of the possible attackers. After briefly reviewing a variety of approaches, we propose a user-centric comprehensive model to capture the possible threats posed by online and offline attackers, from the outside and the inside, against the security of both the plaintext and the password. We then propose a few very simple protocols, adapted from the Ford-Kaliski server-assisted password generator and the Boldyreva unique blind signature in particular, that provide the best protection against all kinds of threats, for all distributions of secrets. We also quantify the concrete security of our approach in terms of online and offline password guesses made by outsiders and insiders, in the random-oracle model. The main contribution of this paper lies not in the technical novelty of the proposed solution, but in the identification of the problem and its model. Our results have an immediate and practical application for the real world: they show how to implement single-sign-on stateless roaming authentication for the internet, in a ad-hoc user-driven fashion that requires no change to protocols or infrastructure.

Short signature without random oracles and the SDH assumption in bilinear groups

We describe a short signature scheme that is strongly existentially unforgeable under an adaptive chosen message attack in the standard security model. Our construction works in groups equipped with an efficient bilinear map, or, more generally, an algorithm for the Decision Diffie-Hellman problem. The security of our scheme depends on a new intractability assumption we call Strong Diffie-Hellman (SDH), by analogy to the Strong RSA assumption with which it shares many properties. Signature generation in our system is fast and the resulting signatures are as short as DSA signatures for comparable security. We give a tight reduction proving that our scheme is secure in any group in which the SDH assumption holds, without relying on the random oracle model.

Multi-party computation with conversion of secret sharing

Classical results in unconditionally secure multi-party computation (MPC) protocols with a passive adversary indicate that every n-variate function can be computed by n participants, such that no set of size t < n/2 participants learns any additional information other than what they could derive from their private inputs and the output of the protocol. We study unconditionally secure MPC protocols in the presence of a passive adversary in the trusted setup (‘semi-ideal’) model, in which the participants are supplied with some auxiliary information (which is random and independent from the participant inputs) ahead of the protocol execution (such information can be purchased as a “commodity” well before a run of the protocol). We present a new MPC protocol in the trusted setup model, which allows the adversary to corrupt an arbitrary number t < n of participants. Our protocol makes use of a novel subprotocol for converting an additive secret sharing over a field to a multiplicative secret sharing, and can be used to securely evaluate any n-variate polynomial G over a field F, with inputs restricted to non-zero elements of F. The communication complexity of our protocol is O(ℓ · n 2) field elements, where ℓ is the number of non-linear monomials in G. Previous protocols in the trusted setup model require communication proportional to the number of multiplications in an arithmetic circuit for G; thus, our protocol may offer savings over previous protocols for functions with a small number of monomials but a large number of multiplications.

Security evaluation of Rakaposhi Stream Cipher

Rakaposhi is a synchronous stream cipher, which uses three main components: a non-linear feedback shift register (NLFSR), a dynamic linear feedback shift register (DLFSR) and a non-linear filtering function (NLF). NLFSR consists of 128 bits and is initialised by the secret key K. DLFSR holds 192 bits and is initialised by an initial vector (IV). NLF takes 8-bit inputs and returns a single output bit. The work identifies weaknesses and properties of the cipher. The main observation is that the initialisation procedure has the so-called sliding property. The property can be used to launch distinguishing and key recovery attacks. The distinguisher needs four observations of the related (K,IV) pairs. The key recovery algorithm allows to discover the secret key K after observing 29 pairs of (K,IV). Based on the proposed related-key attack, the number of related (K,IV) pairs is 2(128 + 192)/4 pairs. Further the cipher is studied when the registers enter short cycles. When NLFSR is set to all ones, then the cipher degenerates to a linear feedback shift register with a non-linear filter. Consequently, the initial state (and Secret Key and IV) can be recovered with complexity 263.87. If DLFSR is set to all zeros, then NLF reduces to a low non-linearity filter function. As the result, the cipher is insecure allowing the adversary to distinguish it from a random cipher after 217 observations of keystream bits. There is also the key recovery algorithm that allows to find the secret key with complexity 2 54.

Supplementary material : large scale read classification for next generation sequencing

Next Generation Sequencing (NGS) has revolutionised molecular biology, resulting in an explosion of data sets and an increasing role in clinical practice. Such applications necessarily require rapid identification of the organism as a prelude to annotation and further analysis. NGS data consist of a substantial number of short sequence reads, given context through downstream assembly and annotation, a process requiring reads consistent with the assumed species or species group. Highly accurate results have been obtained for restricted sets using SVM classifiers, but such methods are difficult to parallelise and success depends on careful attention to feature selection. This work examines the problem at very large scale, using a mix of synthetic and real data with a view to determining the overall structure of the problem and the effectiveness of parallel ensembles of simpler classifiers (principally random forests) in addressing the challenges of large scale genomics.

On the (in)security of IDEA in various hashing modes

In this article, we study the security of the IDEA block cipher when it is used in various simple-length or double-length hashing modes. Even though this cipher is still considered as secure, we show that one should avoid its use as internal primitive for block cipher based hashing. In particular, we are able to generate instantaneously free-start collisions for most modes, and even semi-free-start collisions, pseudo-preimages or hash collisions in practical complexity. This work shows a practical example of the gap that exists between secret-key and known or chosen-key security for block ciphers. Moreover, we also settle the 20-year-old standing open question concerning the security of the Abreast-DM and Tandem-DM double-length compression functions, originally invented to be instantiated with IDEA. Our attacks have been verified experimentally and work even for strengthened versions of IDEA with any number of rounds.

Let them eat steak : food preferences of patients in a tertiary public hospital

Information on foods patients like and dislike is the essential basis for planning menus which are acceptable to patients and promote adequate consumption. The aim of this study was to obtain quantitative data on the food preferences of inpatients at a large metropolitan public hospital for use in menu planning. Methodology was based on a study by Williams et al (1988), and included additional questions about appetite and taste changes. The survey used a 9 point hedonic scale to rate foods listed in random order and was modified to incorporate more contemporary foods than those used in the originalWilliams study. Surveys were conducted by final year University of Queensland dietetics students on Food Service Practicum at the Royal Brisbane and Women’s Hospital (929 beds) in 2012. The first survey (220 questions, n = 157) had a response rate of 61%. The second included more sandwich fillings and salads (231 questions, n = 219, response rate 67%). Total number surveyed was 376. Results showed the most preferred foods were roast potato, grilled steak, ice cream, fresh strawberries, roast lamb, roast beef, grapes and banana. The least preferred foods were grapefruit, soybeans, lentils, sardines, prune juice and grapefruit juice. Patients who reported taste changes (10%) had similar food preferences to those who didn’t report taste changes. Patients who reported poor/very poor appetite (10%) generally scored foods lower than those who reported OK (22%), good/very good appetite (65%). The results of this study informed planning for a new patient menu at the RBWH in December 2012.

Random Gabor based templates for facial expression recognition in images with facial occlusion

Robust facial expression recognition (FER) under occluded face conditions is challenging. It requires robust algorithms of feature extraction and investigations into the effects of different types of occlusion on the recognition performance to gain insight. Previous FER studies in this area have been limited. They have spanned recovery strategies for loss of local texture information and testing limited to only a few types of occlusion and predominantly a matched train-test strategy. This paper proposes a robust approach that employs a Monte Carlo algorithm to extract a set of Gabor based part-face templates from gallery images and converts these templates into template match distance features. The resulting feature vectors are robust to occlusion because occluded parts are covered by some but not all of the random templates. The method is evaluated using facial images with occluded regions around the eyes and the mouth, randomly placed occlusion patches of different sizes, and near-realistic occlusion of eyes with clear and solid glasses. Both matched and mis-matched train and test strategies are adopted to analyze the effects of such occlusion. Overall recognition performance and the performance for each facial expression are investigated. Experimental results on the Cohn-Kanade and JAFFE databases demonstrate the high robustness and fast processing speed of our approach, and provide useful insight into the effects of occlusion on FER. The results on the parameter sensitivity demonstrate a certain level of robustness of the approach to changes in the orientation and scale of Gabor filters, the size of templates, and occlusions ratios. Performance comparisons with previous approaches show that the proposed method is more robust to occlusion with lower reductions in accuracy from occlusion of eyes or mouth.

An outcome evaluation of the ‘Skipper’ designated driver program

The general aim of designated driver programs is to reduce the level of drink driving by encouraging potential drink drivers to travel with a driver who has abstained from (or at least limited) consuming alcohol. Designated driver programs appear to be quite widespread around the world, however a limited number have been subject to rigorous evaluation. This paper reports results from an outcome evaluation of a designated driver program called ‘Skipper’, which was trialled in a provincial city in Queensland, Australia. The outcome evaluation included surveys three weeks prior to (baseline), four months following (1st follow-up), and 16 months following (2nd follow-up) the commencement of the trial in both the ‘intervention area’ (baseline, n = 202; 1st follow-up, n = 211; 2nd follow-up, n = 200) and a ‘comparison area’(baseline, n = 203; 1st follow-up, n = 199; 2nd follow-up, n = 201); and a comparison of random breath testing and crash data before and after the trial. The survey results indicate that awareness of the program in the intervention area was quite high four months following its introduction and that this was maintained at 16 months. The results also suggest that the ‘Skipper’ program and the related publicity had positive impacts on behaviour with an increase in the proportion of people participating in designated driver as a passenger. It is less clear, however, whether the ‘Skipper’ program impacted on other behaviours of interest, such as drink driving or involvement in alcohol-related crashes. Suggestions for further research and program improvement are discussed as well as limitations of the research.

Random projections on manifolds of symmetric positive definite matrices for image classification

Recent advances suggest that encoding images through Symmetric Positive Definite (SPD) matrices and then interpreting such matrices as points on Riemannian manifolds can lead to increased classification performance. Taking into account manifold geometry is typically done via (1) embedding the manifolds in tangent spaces, or (2) embedding into Reproducing Kernel Hilbert Spaces (RKHS). While embedding into tangent spaces allows the use of existing Euclidean-based learning algorithms, manifold shape is only approximated which can cause loss of discriminatory information. The RKHS approach retains more of the manifold structure, but may require non-trivial effort to kernelise Euclidean-based learning algorithms. In contrast to the above approaches, in this paper we offer a novel solution that allows SPD matrices to be used with unmodified Euclidean-based learning algorithms, with the true manifold shape well-preserved. Specifically, we propose to project SPD matrices using a set of random projection hyperplanes over RKHS into a random projection space, which leads to representing each matrix as a vector of projection coefficients. Experiments on face recognition, person re-identification and texture classification show that the proposed approach outperforms several recent methods, such as Tensor Sparse Coding, Histogram Plus Epitome, Riemannian Locality Preserving Projection and Relational Divergence Classification.

A nutrition and physical activity intervention for family child care homes

Background Family child care homes (FCCHs) provide child care to 1.9 million children in the U.S., but many do not meet established child care standards for healthy eating and physical activity. Purpose To determine the effects of a community-based train-the-trainer intervention on FCCHs policies and practices related to healthy eating and physical activity. Design Quasi-experimental design with replication in three independent cohorts of FCCHs. Setting/participants Registered FCCHs from 15 counties across Kansas participated in the Healthy Kansas Kids (HKK) program. Resource and referral agencies (RRAs) in each county recruited and enrolled between five and 15 child care providers in their service delivery area to participate in the program. The number of registered FCCHs participating in HKK in Years 1 (2006-2007); 2 (2007-2008); and 3 (2008-2009) of the program were 85, 64, and 87, respectively. A stratified random sample of registered FCCHs operating in Kansas (n=297) served as a normative comparison group. Interventions Child care trainers from each RRA completed a series of train-the-trainer workshops related to promotion of healthy eating and physical activity. FCCHs were subsequently guided through a four-step iterative process consisting of (1) self-evaluation; (2) goal setting; (3) developing an action plan; and (4) evaluating progress toward meeting goals. FCCHs also received U. S. Department of Agriculture resources related to healthy eating and physical activity. Main outcome measures Nutrition and Physical Activity Self-Assessment for Child Care (NAP SACC) self-assessment instrument (NAP SACC-SA). Analyses of outcome measures were conducted between 2008 and 2010. Results Healthy Kansas Kids FCCHs exhibited significant improvements in healthy eating (Delta=6.9%-7.1%) and physical activity (Delta=15.4%-19.2%) scores (p<0.05). Within each cohort, pre-intervention scores were not significantly different from the state average, whereas post-intervention scores were significantly higher than the state average. Conclusions Community-based train-the-trainer interventions to promote healthy eating and physical activity in FCCHs are feasible, sustainable, and effective.

A series-connected photovoltaic distributed generator capable of enhancing power quality

Design of a series-connected photovoltaic generator (SPVG) capable of enhancing power quality is investigated. Analysis of the SPVG operations under disturbance conditions shows explicitly how achievable network voltage quality is affected by the SPVG injected power and its apparent power rating, and that voltage quality can be significantly improved even with a modest level of energy storage capacity incorporated in the SPVG. A control system for the SPVG is also proposed. Both simulation and laboratory tests confirm the efficacy of the distributed generator system.

Modeling and analysis of a novel variable-speed cage induction generator

This paper introduces a novel cage induction generator and presents a mathematical model, through which its behavior can be accurately predicted. The proposed generator system employs a three-phase cage induction machine and generates single-phase and constant-frequency electricity at varying rotor speeds without an intermediate inverter stage. The technique uses any one of the three stator phases of the machine as the excitation winding and the remaining two phases, which are connected in series, as the power winding. The two-series-connected-and-one-isolated (TSCAOI) phase winding configuration magnetically decouples the two sets of windings, enabling independent control. Electricity is generated through the power winding at both sub- and super-synchronous speeds with appropriate excitation to the isolated single winding at any frequency of generation. A dynamic mathematical model, which accurately predicts the behavior of the proposed generator, is also presented and implemented in MATLAB/Simulink. Experimental results of a 2-kW prototype generator under various operating conditions are presented, together with theoretical results, to demonstrate the viability of the TSCAOI power generation. The proposed generator is simple and capable of both storage and retrieval of energy through its excitation winding and is expected to be suitable for applications, such as small wind turbines and microhydro systems.

The Number Crunch game : a simple vehicle for building algebraic reasoning skills

A newspaper numbers game based on simple arithmetic relationships is discussed. Its potential to give students of elementary algebra practice in semi-ad hoc reasoning and to build general arithmetic reasoning skills is explored.