913 results for Cryptographic Protocols, Provable Security, ID-Based Cryptography
Abstract:
We present efficient protocols for private set disjointness tests. We start from an intuitive construction of our protocols that applies Sylvester matrices. Unfortunately, this simple construction is insecure as it reveals information about the cardinality of the intersection. More specifically, it discloses its lower bound. By using Lagrange interpolation we provide a protocol for the honest-but-curious case without revealing any additional information. Finally, we describe a protocol that is secure against malicious adversaries. The protocol applies a verification test to detect misbehaving participants. Both protocols require O(1) rounds of communication. Our protocols are more efficient than the previous protocols in terms of communication and computation overhead. Unlike previous protocols whose security relies on computational assumptions, our protocols provide information-theoretic security. To our knowledge, our protocols are the first ones that have been designed without a generic secure function evaluation. More importantly, they are the most efficient protocols for private disjointness tests for the malicious adversary case.
Abstract:
We study the natural problem of secure n-party computation (in the passive, computationally unbounded attack model) of the n-product function f_G(x_1, ..., x_n) = x_1 · x_2 ⋯ x_n in an arbitrary finite group (G, ·), where the input of party P_i is x_i ∈ G for i = 1, ..., n. For flexibility, we are interested in protocols for f_G which require only black-box access to the group G (i.e. the only computations performed by players in the protocol are a group operation, a group inverse, or sampling a uniformly random group element). Our results are as follows. First, on the negative side, we show that if (G, ·) is non-abelian and n ≥ 4, then no ⌈n/2⌉-private protocol for computing f_G exists. Second, on the positive side, we initiate an approach for construction of black-box protocols for f_G based on k-of-k threshold secret sharing schemes, which are efficiently implementable over any black-box group G. We reduce the problem of constructing such protocols to a combinatorial colouring problem in planar graphs. We then give two constructions for such graph colourings. Our first colouring construction gives a protocol with optimal collusion resistance t < n/2, but has exponential communication complexity O(n · C(2t+1, t)^2) group elements, where C(2t+1, t) is the binomial coefficient (this construction easily extends to general adversary structures). Our second probabilistic colouring construction gives a protocol with (close to optimal) collusion resistance t < n/μ for a graph-related constant μ ≤ 2.948, and has efficient communication complexity O(n · t^2) group elements. Furthermore, we believe that our results can be improved by further study of the associated combinatorial problems.
Abstract:
Motivated by privacy issues associated with dissemination of signed digital certificates, we define a new type of signature scheme called a ‘Universal Designated-Verifier Signature’ (UDVS). A UDVS scheme can function as a standard publicly-verifiable digital signature but has additional functionality which allows any holder of a signature (not necessarily the signer) to designate the signature to any desired designated-verifier (using the verifier’s public key). Given the designated-signature, the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. We propose an efficient deterministic UDVS scheme constructed using any bilinear group-pair. Our UDVS scheme functions as a standard Boneh-Lynn-Shacham (BLS) signature when no verifier-designation is performed, and is therefore compatible with the key-generation, signing and verifying algorithms of the BLS scheme. We prove that our UDVS scheme is secure in the sense of our unforgeability and privacy notions for UDVS schemes, under the Bilinear Diffie-Hellman (BDH) assumption for the underlying group-pair, in the random-oracle model. We also demonstrate a general constructive equivalence between a class of unforgeable and unconditionally-private UDVS schemes having unique signatures (which includes the deterministic UDVS schemes) and a class of ID-Based Encryption (IBE) schemes which contains the Boneh-Franklin IBE scheme but not the Cocks IBE scheme.
Abstract:
The study of soil microbiota and their activities is central to the understanding of many ecosystem processes such as decomposition and nutrient cycling. The collection of microbiological data from soils generally involves several sequential steps of sampling, pretreatment and laboratory measurements. The reliability of results is dependent on reliable methods in every step. The aim of this thesis was to critically evaluate some central methods and procedures used in soil microbiological studies in order to increase our understanding of the factors that affect the measurement results and to provide guidance and new approaches for the design of experiments. The thesis focuses on four major themes: 1) soil microbiological heterogeneity and sampling, 2) storage of soil samples, 3) DNA extraction from soil, and 4) quantification of specific microbial groups by the most-probable-number (MPN) procedure. Soil heterogeneity and sampling are discussed as a single theme because knowledge on spatial (horizontal and vertical) and temporal variation is crucial when designing sampling procedures. Comparison of adjacent forest, meadow and cropped field plots showed that land use has a strong impact on the degree of horizontal variation of soil enzyme activities and bacterial community structure. However, regardless of the land use, the variation of microbiological characteristics appeared not to have predictable spatial structure at 0.5-10 m. Temporal and soil depth-related patterns were studied in relation to plant growth in cropped soil. The results showed that most enzyme activities and microbial biomass have a clear decreasing trend in the top 40 cm soil profile and a temporal pattern during the growing season. A new procedure for sampling of soil microbiological characteristics based on stratified sampling and pre-characterisation of samples was developed. 
A practical example demonstrated the potential of the new procedure to reduce the analysis efforts involved in laborious microbiological measurements without loss of precision. The investigation of storage of soil samples revealed that freezing (-20 °C) of small sample aliquots retains the activity of hydrolytic enzymes and the structure of the bacterial community in different soil matrices relatively well whereas air-drying cannot be recommended as a storage method for soil microbiological properties due to large reductions in activity. Freezing below -70 °C was the preferred method of storage for samples with high organic matter content. Comparison of different direct DNA extraction methods showed that the cell lysis treatment has a strong impact on the molecular size of DNA obtained and on the bacterial community structure detected. An improved MPN method for the enumeration of soil naphthalene degraders was introduced as an alternative to more complex MPN protocols or the DNA-based quantification approach. The main advantage of the new method is the simple protocol and the possibility to analyse a large number of samples and replicates simultaneously.
Abstract:
[The pension system is organised as follows: the first tier is directed at paying pensions to those who do not receive contributory pensions; the second tier is that of Social Security, or contributory pensions; the third tier corresponds to voluntary complementary social provision in the Basque Autonomous Community and to pension plans in Spain. In the second tier, Social Security is based on a pay-as-you-go system. Problems in financing retirement pensions are expected in 2050. To confront the future situation, reforms have been carried out through Law 27/2011 and Royal Decree-Law 5/2013. In the third tier, complementary social provision in the Basque Autonomous Community is in the hands of the Basque Government, and the provision plans of the Voluntary Social Provision Entities (BASE) are its own local pension plans. In this work I will mainly analyse the second and third tiers of the pension system: first the theoretical framework, then the practical side, and finally, on the basis of the data, I will put forward some proposals and draw conclusions.]
Abstract:
Quantum key distribution (QKD) uniquely allows distribution of cryptographic keys with security verified by quantum mechanical limits. Both protocol execution and subsequent applications require the assistance of classical data communication channels. While using separate fibers is one option, it is economically more viable if data and quantum signals are simultaneously transmitted through a single fiber. However, noise-photon contamination arising from the intense data signal has severely restricted both the QKD distances and secure key rates. Here, we exploit a novel temporal-filtering effect for noise-photon rejection. This allows high-bit-rate QKD over fibers up to 90 km in length and populated with error-free bidirectional Gb/s data communications. With high-bit rate and range sufficient for important information infrastructures, such as smart cities and 10 Gbit Ethernet, QKD is a significant step closer towards wide-scale deployment in fiber networks.
Abstract:
We propose an adjustable security model based on dynamic trusted degree, MSMBDTD (modified security model based on dynamic trusted degree). Building on the trusted authentication and measurement of trusted computing, it defines trusted-degree decision rules, dynamically analyses changes in trusted degree while the system is running, and on that basis adjusts each subject's access rights so that its trusted degree and its access scope remain consistent, thereby realising trusted-degree-based access control. The paper gives a formal description of MSMBDTD and analyses and proves the security of the model.
Abstract:
This paper reviews existing RFID security mechanisms, focusing on RFID security protocols based on cryptographic techniques; it analyses the flaws of these protocols and discusses models and methods for designing and analysing RFID security protocols on the basis of provable security theory.
Abstract:
This paper discusses the application of provable security theory to the design and analysis of security schemes and security protocols. Its main contents are: what provable security is; some basic concepts involved in provable security theory; the basic ideas of the RO (random oracle) model methodology and progress in its application to public-key encryption, digital signature and related schemes; progress in the application of provable security theory in the standard model to public-key encryption, digital signature and related schemes; and progress in the application of provable security theory to the design and analysis of session key distribution protocols.
Abstract:
We propose and analyse a deterministic, parallelizable message authentication code, DPMAC (deterministic parallelizable message authentication code). It is constructed from a block cipher with a 128-bit block length and, using a single key, can process messages of arbitrary length. Under the assumption that the underlying block cipher is a pseudorandom permutation, the game-playing technique is used to quantify the probability that an attacker succeeds in forging, thereby proving its security.
Abstract:
Message authentication codes are an important tool for guaranteeing message integrity and are widely used in all kinds of security systems. As provable security theory has gradually matured, provably secure message authentication codes have become the natural first choice. Based on the construction methods of XOR MAC and PMAC, this paper uses a block cipher to construct a deterministic, parallelizable message authentication code, DXOR MAC (Deterministic XOR MAC). Under the assumption that the underlying block cipher is a pseudorandom permutation, this paper uses the game-playing technique to quantify the probability that an attacker succeeds in forging, thereby proving its security.
Abstract:
To solve the problems LSM has with policy reuse and policy coexistence, a new security architecture, ELSM, is proposed. It introduces a model combiner as the main module to carry out module stack management and module decision management; module decisions are implemented using the policy specification method of access control spaces, which supports generality. The design of ELSM and a case analysis of its implementation in the Ansheng OS (安胜OS) secure operating system demonstrate its effectiveness.
Abstract:
As research on secure operating systems has deepened, formal analysis and verification of security policies has become one of the current research hotspots. Building on prior work, this paper is the first to propose a security model verification method based on UML and a model checker. The method uses UML to describe the security policy model as state machine diagrams and class diagrams, then uses a conversion tool to translate the UML diagrams into the input language of the model checker, and finally the model checker verifies whether the security model satisfies the security requirements. The authors used this method to verify that the DBLP and SLCF models violate the confidentiality principle.