107 results for Conditional autoregressive random effects model
Abstract:
This paper presents a comprehensive formal security framework for key derivation functions (KDFs). The major security goal for a KDF is to produce cryptographic keys from a private seed value such that the derived keys are indistinguishable from random binary strings. We form a framework of five security models for KDFs. This consists of four security models that we propose: Known Public Inputs Attack (KPM, KPS), Adaptive Chosen Context Information Attack (CCM) and Adaptive Chosen Public Inputs Attack (CPM); and another security model, previously defined by Krawczyk [6], which we refer to as Adaptive Chosen Context Information Attack (CCS). These security models are simulated using an indistinguishability game. In addition, we prove the relationships between these five security models and analyse KDFs using the framework (in the random oracle model).
Abstract:
Objective: To calculate pooled risk estimates of the association between pigmentary characteristics and basal cell carcinoma (BCC) of the skin. Methods: We searched three electronic databases and reviewed the reference lists of the retrieved articles until July 2012 to identify eligible epidemiologic studies. Eligible studies were those published between 1965 and July 2012 that permitted quantitative assessment of the association between histologically-confirmed BCC and any of the following characteristics: hair colour, eye colour, skin colour, skin phototype, tanning and burning ability, and presence of freckling or melanocytic nevi. We included 29 studies from 2236 initially identified. We calculated summary odds ratios (ORs) using weighted averages of the log OR, using random effects models. Results: We found the strongest associations with red hair (OR 2.02; 95% CI: 1.68, 2.44), fair skin colour (OR 2.11; 95% CI: 1.56, 2.86), and having skin that burns and never tans (OR 2.03; 95% CI: 1.73, 2.38). All other factors had weaker but positive associations with BCC, with the exception of freckling of the face in adulthood, which showed no association. Conclusions: Although most studies report risk estimates that are in the same direction, there is significant heterogeneity in the size of the estimates. The associations were quite modest and remarkably similar, with ORs between about 1.5 and 2.5 for the highest risk level for each factor. Given the public health impact of BCC, this meta-analysis will make a valuable contribution to our understanding of BCC.
Abstract:
Energy prices are highly volatile and often feature unexpected spikes. The aim of this paper is to examine whether the occurrence of these extreme price events displays any regularities that can be captured using an econometric model. Here we treat these price events as point processes and apply Hawkes and Poisson autoregressive models to model the dynamics in the intensity of this process. We use load and meteorological information to model the time variation in the intensity of the process. The models are applied to data from the Australian wholesale electricity market, and a forecasting exercise illustrates both the usefulness of these models and their limitations when attempting to forecast the occurrence of extreme price events.
Abstract:
The notion of plaintext awareness (PA) has many applications in public key cryptography: it offers unique, stand-alone security guarantees for public key encryption schemes, has been used as a sufficient condition for proving indistinguishability against adaptive chosen-ciphertext attacks (IND-CCA), and can be used to construct privacy-preserving protocols such as deniable authentication. Unlike many other security notions, plaintext awareness is very fragile when it comes to differences between the random oracle and standard models; for example, many implications involving PA in the random oracle model are not valid in the standard model and vice versa. Similarly, strategies for proving PA of schemes in one model cannot be adapted to the other model. Existing research addresses PA in detail only in the public key setting. This paper gives the first formal exploration of plaintext awareness in the identity-based setting and, as initial work, proceeds in the random oracle model. The focus is laid mainly on identity-based key encapsulation mechanisms (IB-KEMs), for which the paper presents the first definitions of plaintext awareness, highlights the role of PA in proof strategies of IND-CCA security, and explores relationships between PA and other security properties. On the practical side, our work offers the first, highly efficient, general approach for building IB-KEMs that are simultaneously plaintext-aware and IND-CCA-secure. Our construction is inspired by the Fujisaki-Okamoto (FO) transform, but demands weaker and more natural properties of its building blocks. This result comes from a new look at the notion of γ-uniformity that was inherent in the original FO transform. We show that for IB-KEMs (and PK-KEMs), this assumption can be replaced with a weaker computational notion, which is in fact implied by one-wayness. Finally, we give the first concrete IB-KEM scheme that is PA and IND-CCA-secure by applying our construction to a popular IB-KEM and optimizing it for better performance.
Abstract:
Background: The body of evidence related to breast-cancer-related lymphoedema incidence and risk factors has substantially grown and improved in quality over the past decade. We assessed the incidence of unilateral arm lymphoedema after breast cancer and explored the evidence available for lymphoedema risk factors. Methods: We searched Academic Search Elite, Cumulative Index to Nursing and Allied Health, Cochrane Central Register of Controlled Trials (clinical trials), and Medline for research articles that assessed the incidence or prevalence of, or risk factors for, arm lymphoedema after breast cancer, published between January 1, 2000, and June 30, 2012. We extracted incidence data and calculated corresponding exact binomial 95% CIs. We used random effects models to calculate a pooled overall estimate of lymphoedema incidence, with subgroup analyses to assess the effect of different study designs, countries of study origin, diagnostic methods, time since diagnosis, and extent of axillary surgery. We assessed risk factors and collated them into four levels of evidence, depending on consistency of findings and quality and quantity of studies contributing to findings. Findings: 72 studies met the inclusion criteria for the assessment of lymphoedema incidence, giving a pooled estimate of 16·6% (95% CI 13·6–20·2). Our estimate was 21·4% (14·9–29·8) when restricted to data from prospective cohort studies (30 studies). The incidence of arm lymphoedema seemed to increase up to 2 years after diagnosis or surgery of breast cancer (24 studies with time since diagnosis or surgery of 12 to <24 months; 18·9%, 14·2–24·7), was highest when assessed by more than one diagnostic method (nine studies; 28·2%, 11·8–53·5), and was about four times higher in women who had an axillary-lymph-node dissection (18 studies; 19·9%, 13·5–28·2) than it was in those who had sentinel-node biopsy (18 studies; 5·6%, 6·1–7·9). 29 studies met the inclusion criteria for the assessment of risk factors. Risk factors that had a strong level of evidence were extensive surgery (ie, axillary-lymph-node dissection, greater number of lymph nodes dissected, mastectomy) and being overweight or obese. Interpretation: Our findings suggest that more than one in five women who survive breast cancer will develop arm lymphoedema. A clear need exists for improved understanding of contributing risk factors, as well as of prevention and management strategies to reduce the individual and public health burden of this disabling and distressing disorder.
Abstract:
Basing signature schemes on strong lattice problems has been a long-standing open issue. Today, two families of lattice-based signature schemes are known: the ones based on the hash-and-sign construction of Gentry et al.; and Lyubashevsky’s schemes, which are based on the Fiat-Shamir framework. In this paper we show for the first time how to adapt the schemes of Lyubashevsky to the ring signature setting. In particular, we transform the scheme of ASIACRYPT 2009 into a ring signature scheme that provides strong security properties under the random oracle model. Anonymity is ensured in the sense that signatures of different users are within negligible statistical distance even under full key exposure. In fact, the scheme satisfies a notion which is stronger than the classical full key exposure setting: even if the keypair of the signing user is adversarially chosen, the statistical distance between signatures of different users remains negligible. Considering unforgeability, the best lattice-based ring signature schemes provide either unforgeability against arbitrary chosen subring attacks or insider corruption in log-sized rings. In this paper we present two variants of our scheme. In the basic one, unforgeability is ensured in those two settings. Increasing signature and key sizes by a factor k (typically 80 − 100), we provide a variant in which unforgeability is ensured against insider corruption attacks for arbitrary rings. The technique used is pretty general and can be adapted to other existing schemes.
Abstract:
Proxy re-encryption (PRE) is a highly useful cryptographic primitive whereby Alice and Bob can endow a proxy with the capacity to change ciphertext recipients from Alice to Bob, without the proxy itself being able to decrypt, thereby providing delegation of decryption authority. Key-private PRE (KP-PRE) specifies an additional level of confidentiality, requiring pseudo-random proxy keys that leak no information on the identity of the delegators and delegatees. In this paper, we propose a CPA-secure KP-PRE scheme in the standard model (which we then transform into a CCA-secure scheme in the random oracle model). Both schemes enjoy highly desirable properties such as uni-directionality and multi-hop delegation. Unlike (the few) prior constructions of PRE and KP-PRE that typically rely on bilinear maps under ad hoc assumptions, security of our construction is based on the hardness of the standard Learning-With-Errors (LWE) problem, itself reducible from worst-case lattice hard problems that are conjectured immune to quantum cryptanalysis, or “post-quantum”. Of independent interest, we further examine the practical hardness of the LWE assumption, using Kannan’s exhaustive search algorithm coupled with pruning techniques. This leads to state-of-the-art parameters not only for our scheme, but also for a number of other primitives based on LWE published in the literature.
Abstract:
We revisit the venerable question of access credentials management, which concerns the techniques that we, humans with limited memory, must employ to safeguard our various access keys and tokens in a connected world. Although many existing solutions can be employed to protect a long secret using a short password, those solutions typically require certain assumptions on the distribution of the secret and/or the password, and are helpful against only a subset of the possible attackers. After briefly reviewing a variety of approaches, we propose a user-centric comprehensive model to capture the possible threats posed by online and offline attackers, from the outside and the inside, against the security of both the plaintext and the password. We then propose a few very simple protocols, adapted from the Ford-Kaliski server-assisted password generator and the Boldyreva unique blind signature in particular, that provide the best protection against all kinds of threats, for all distributions of secrets. We also quantify the concrete security of our approach in terms of online and offline password guesses made by outsiders and insiders, in the random-oracle model. The main contribution of this paper lies not in the technical novelty of the proposed solution, but in the identification of the problem and its model. Our results have an immediate and practical application for the real world: they show how to implement single-sign-on stateless roaming authentication for the internet, in an ad hoc user-driven fashion that requires no change to protocols or infrastructure.
Efficient extension of standard Schnorr/RSA signatures into Universal Designated-Verifier Signatures
Abstract:
Universal Designated-Verifier Signature (UDVS) schemes are digital signature schemes with additional functionality which allows any holder of a signature to designate the signature to any desired designated-verifier such that the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. Since UDVS schemes reduce to standard signatures when no verifier designation is performed, it is natural to ask how to extend the classical Schnorr or RSA signature schemes into UDVS schemes, so that the existing key generation and signing implementation infrastructure for these schemes can be used without modification. We show how this can be efficiently achieved, and provide proofs of security for our schemes in the random oracle model.
Abstract:
A parallel authentication and public-key encryption is introduced and exemplified on joint encryption and signing, which compares favorably with sequential Encrypt-then-Sign (ɛtS) or Sign-then-Encrypt (Stɛ) schemes as far as both efficiency and security are concerned. A security model for signcryption, and thus joint encryption and signing, has been recently defined which considers possible attacks and security goals. Such a scheme is considered secure if the encryption part guarantees indistinguishability and the signature part prevents existential forgeries, for outsider but also insider adversaries. We propose two schemes of parallel signcryption, which are efficient alternatives to Commit-then-Sign-and-Encrypt (Ctɛ&S). They are both provably secure in the random oracle model. The first one, called generic parallel encrypt and sign, is secure if the encryption scheme is semantically secure against chosen-ciphertext attacks and the signature scheme prevents existential forgeries against random-message attacks. The second scheme, called optimal parallel encrypt and sign, applies random oracles similar to the OAEP technique in order to achieve security using encryption and signature components with very weak security requirements — encryption is expected to be one-way under chosen-plaintext attacks, while the signature needs to be secure against universal forgeries under random-plaintext attack, which is actually the case for both plain-RSA encryption and signature under the usual RSA assumption. Both proposals are generic in the sense that any suitable encryption and signature schemes (i.e. which simply achieve the required security) can be used. Furthermore, they allow both parallel encryption and signing, as well as parallel decryption and verification. Properties of parallel encrypt and sign schemes are considered and a new security standard for parallel signcryption is proposed.
Abstract:
Motivated by privacy issues associated with dissemination of signed digital certificates, we define a new type of signature scheme called a ‘Universal Designated-Verifier Signature’ (UDVS). A UDVS scheme can function as a standard publicly-verifiable digital signature but has additional functionality which allows any holder of a signature (not necessarily the signer) to designate the signature to any desired designated-verifier (using the verifier’s public key). Given the designated-signature, the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. We propose an efficient deterministic UDVS scheme constructed using any bilinear group-pair. Our UDVS scheme functions as a standard Boneh-Lynn-Shacham (BLS) signature when no verifier-designation is performed, and is therefore compatible with the key-generation, signing and verifying algorithms of the BLS scheme. We prove that our UDVS scheme is secure in the sense of our unforgeability and privacy notions for UDVS schemes, under the Bilinear Diffie-Hellman (BDH) assumption for the underlying group-pair, in the random-oracle model. We also demonstrate a general constructive equivalence between a class of unforgeable and unconditionally-private UDVS schemes having unique signatures (which includes the deterministic UDVS schemes) and a class of ID-Based Encryption (IBE) schemes which contains the Boneh-Franklin IBE scheme but not the Cocks IBE scheme.
Abstract:
In 2001, the red imported fire ant (Solenopsis invicta Buren) was identified in Brisbane, Australia. An eradication program involving broadcast bait treatment with two insect growth regulators and a metabolic inhibitor began in September of that year and is currently ongoing. To gauge the impacts of these treatments on local ant populations, we examined long-term monitoring data and quantified abundance patterns of S. invicta and common local ant genera using a linear mixed-effects model. For S. invicta, presence in pitfalls reduced over time to zero on every site. Significantly higher numbers of S. invicta workers were collected on high-density polygyne sites, which took longer to disinfest compared with monogyne and low-density polygyne sites. For local ants, nine genus groups of the 10 most common genera analyzed either increased in abundance or showed no significant trend. Five of these genus groups were significantly less abundant at the start of monitoring on high-density polygyne sites compared with monogyne and low-density polygyne sites. The genus Pheidole significantly reduced in abundance over time, suggesting that it was affected by treatment efforts. These results demonstrate that the treatment regime used at the time successfully removed S. invicta from these sites in Brisbane, and that most local ant genera were not seriously impacted by the treatment. These results have important implications for current and future prophylactic treatment efforts, and suggest that native ants remain in treated areas to provide some biological resistance to S. invicta.
Abstract:
Spatial data are now prevalent in a wide range of fields including environmental and health science. This has led to the development of a range of approaches for analysing patterns in these data. In this paper, we compare several Bayesian hierarchical models for analysing point-based data based on the discretization of the study region, resulting in grid-based spatial data. The approaches considered include two parametric models and a semiparametric model. We highlight the methodology and computation for each approach. Two simulation studies are undertaken to compare the performance of these models for various structures of simulated point-based data which resemble environmental data. A case study of a real dataset is also conducted to demonstrate a practical application of the modelling approaches. Goodness-of-fit statistics are computed to compare estimates of the intensity functions. The deviance information criterion is also considered as an alternative model evaluation criterion. The results suggest that the adaptive Gaussian Markov random field model performs well for highly sparse point-based data where there are large variations or clustering across the space, whereas the discretized log Gaussian Cox process produces a good fit in dense and clustered point-based data. One should generally consider the nature and structure of the point-based data in order to choose the appropriate method for modelling discretized spatial point-based data.
Abstract:
We present entire sequences of two hymenopteran mitochondrial genomes and the major portion of three others. We combined these data with nine previously sequenced hymenopteran mitochondrial genomes. This allowed us to infer and analyze the evolution of the 67 mitochondrial gene rearrangements so far found in this order. All of these involve tRNA genes, whereas four also involve larger (protein-coding or ribosomal RNA) genes. We find that the vast majority of mitochondrial gene rearrangements are independently derived. A maximum of four of these rearrangements represent shared, derived organizations, whereas three are convergently derived. The remaining mitochondrial gene rearrangements represent new mitochondrial genome organizations. These data are consistent with the proposal that there are an enormous number of alternative mitochondrial genome organizations possible and that mitochondrial genome organization is, for the most part, selectively neutral. Nevertheless, some mitochondrial genes appear less mobile than others. Genes close to the noncoding region are generally more mobile but only marginally so. Some mitochondrial genes rearrange in a pattern consistent with the duplication/random loss model, but more mitochondrial genes move in a pattern inconsistent with this model. An increased rate of mitochondrial gene rearrangement is not tightly associated with the evolution of parasitism. Although parasitic lineages tend to have more mitochondrial gene rearrangements than nonparasitic lineages, there are exceptions (e.g., Orussus and Schlettererius). It is likely that only a small proportion of the total number of mitochondrial gene rearrangements that have occurred during the evolution of the Hymenoptera have been sampled in the present study.
Abstract:
A comprehensive revision of the Global Burden of Disease (GBD) study is expected to be completed in 2012. This study utilizes a broad range of improved methods for assessing burden, including closer attention to empirically derived estimates of disability. The aim of this paper is to describe how GBD health states were derived for schizophrenia and bipolar disorder. These will be used in deriving health state-specific disability estimates. A literature review was first conducted to settle on a parsimonious set of health states for schizophrenia and bipolar disorder. A second review was conducted to investigate the proportion of schizophrenia and bipolar disorder cases experiencing these health states. These were pooled using a quality-effects model to estimate the overall proportion of cases in each state. The two schizophrenia health states were acute (predominantly positive symptoms) and residual (predominantly negative symptoms). The three bipolar disorder health states were depressive, manic, and residual. Based on estimates from six studies, 63% (38%-82%) of schizophrenia cases were in an acute state and 37% (18%-62%) were in a residual state. Another six studies were identified from which 23% (10%-39%) of bipolar disorder cases were in a manic state, 27% (11%-47%) were in a depressive state, and 50% (30%-70%) were in a residual state. This literature review revealed salient gaps in the literature that need to be addressed in future research. The pooled estimates are indicative only and more data are required to generate more definitive estimates. That said, rather than deriving burden estimates that fail to capture the changes in disability within schizophrenia and bipolar disorder, the derived proportions and their wide uncertainty intervals will be used in deriving disability estimates.