649 resultados para Encapsulation
Resumo:
Minimizing complexity of group key exchange (GKE) protocols is an important milestone towards their practical deployment. An interesting approach to achieve this goal is to simplify the design of GKE protocols by using generic building blocks. In this paper we investigate the possibility of founding GKE protocols based on a primitive called multi key encapsulation mechanism (mKEM) and describe advantages and limitations of this approach. In particular, we show how to design a one-round GKE protocol which satisfies the classical requirement of authenticated key exchange (AKE) security, yet without forward secrecy. As a result, we obtain the first one-round GKE protocol secure in the standard model. We also conduct our analysis using recent formal models that take into account both outsider and insider attacks as well as the notion of key compromise impersonation resilience (KCIR). In contrast to previous models we show how to model both outsider and insider KCIR within the definition of mutual authentication. Our analysis additionally implies that the insider security compiler by Katz and Shin from ACM CCS 2005 can be used to achieve more than what is shown in the original work, namely both outsider and insider KCIR.
Resumo:
We give a direct construction of a certificateless key encapsulation mechanism (KEM) in the standard model that is more efficient than the generic constructions proposed before by Huang and Wong \cite{DBLP:conf/acisp/HuangW07}. We use a direct construction from Kiltz and Galindo's KEM scheme \cite{DBLP:conf/acisp/KiltzG06} to obtain a certificateless KEM in the standard model; our construction is roughly twice as efficient as the generic construction. We also address the security flaw discovered by Selvi et al. \cite{cryptoeprint:2009:462}.
Resumo:
We show how to construct a certificateless key agreement protocol from the certificateless key encapsulation mechanism introduced by \cite{lippold-ICISC_2009} in ICISC 2009 using the \cite{DBLP:conf/acisp/BoydCNP08} protocol from ACISP 2008. We introduce the Canetti-Krawczyk (CK) model for certificateless cryptography, give security notions for Type I and Type II adversaries in the CK model, and highlight the differences to the existing e$^2$CK model discussed by \cite{DBLP:conf/pairing/LippoldBN09}. The resulting CK model is more relaxed thus giving more power to the adversary than the original CK model.
Resumo:
A group key exchange (GKE) protocol allows a set of parties to agree upon a common secret session key over a public network. In this thesis, we focus on designing efficient GKE protocols using public key techniques and appropriately revising security models for GKE protocols. For the purpose of modelling and analysing the security of GKE protocols we apply the widely accepted computational complexity approach. The contributions of the thesis to the area of GKE protocols are manifold. We propose the first GKE protocol that requires only one round of communication and is proven secure in the standard model. Our protocol is generically constructed from a key encapsulation mechanism (KEM). We also suggest an efficient KEM from the literature, which satisfies the underlying security notion, to instantiate the generic protocol. We then concentrate on enhancing the security of one-round GKE protocols. A new model of security for forward secure GKE protocols is introduced and a generic one-round GKE protocol with forward security is then presented. The security of this protocol is also proven in the standard model. We also propose an efficient forward secure encryption scheme that can be used to instantiate the generic GKE protocol. Our next contributions are to the security models of GKE protocols. We observe that the analysis of GKE protocols has not been as extensive as that of two-party key exchange protocols. Particularly, the security attribute of key compromise impersonation (KCI) resilience has so far been ignored for GKE protocols. We model the security of GKE protocols addressing KCI attacks by both outsider and insider adversaries. We then show that a few existing protocols are not secure against KCI attacks. A new proof of security for an existing GKE protocol is given under the revised model assuming random oracles. Subsequently, we treat the security of GKE protocols in the universal composability (UC) framework. We present a new UC ideal functionality for GKE protocols capturing the security attribute of contributiveness. An existing protocol with minor revisions is then shown to realize our functionality in the random oracle model. Finally, we explore the possibility of constructing GKE protocols in the attribute-based setting. We introduce the concept of attribute-based group key exchange (AB-GKE). A security model for AB-GKE and a one-round AB-GKE protocol satisfying our security notion are presented. The protocol is generically constructed from a new cryptographic primitive called encapsulation policy attribute-based KEM (EP-AB-KEM), which we introduce in this thesis. We also present a new EP-AB-KEM with a proof of security assuming generic groups and random oracles. The EP-AB-KEM can be used to instantiate our generic AB-GKE protocol.
Resumo:
Mesenchymal Stem Cells (MSC) are frequently incorporated into osteochondral implants and cell seeding is often facilitated with hydrogels which exert a profound influence on the chondrogenic differentiation of MSC. An attempt was made to elucidate this effect by comparing the chondrogenic differentiation of Bone Marrow Stromal Cells (BMSC) in fibrin and fibrin alginate composites. A biphasic osteochondral model which simulated the native in vivo environment was employed in the study. In the first stage of the experiment, BMSC was encapsulated in fibrin, Fibrin Alginate 0.3% (FA0.3) and 0.6% (FA0.6). Chondrogenic differentiation within these cell-hydrogel pellets was compared against that of standard cell pellets under inductive conditions and the matrices which supported chondrogenesis were used in the cartilage phase of biphasic constructs. Neo-cartilage growth was monitored in these cocultures. It was observed that hydrogel encapsulation influenced mesenchymal condensation which preceded chondrogenic differentiation. Early cell agglomeration was observed in fibrin as compared to fibrin alginate composites. These fibrin encapsulated cells differentiated into chondrocytes which secreted aggrecan and collagen II. When the alginate content rose from 0.3 to 0.6%, chondrogenic differentiation declined with a reduction in the expression of collagen II and aggrecan. Fibrin and FA0.3 were tested in the cartilage phase of the biphasic osteochondral constructs and the former supported superior cartilage growth with higher cellularity, total Glycosaminoglycan (GAG) and collagen II levels. The FA0.3 cartilage phase was found to be fragmented and partially calcified. The use of fibrin for cartilage repair was advocated as it facilitated BMSC chondrogenesis and cartilaginous growth in an osteochondral environment.
Resumo:
The behaviour of cells cultured within three-dimensional (3D) structures rather than onto two-dimensional (2D) culture plastic more closely reflects their in vivo responses. Consequently, 3D culture systems are becoming crucial scientific tools in cancer cell research. We used a novel 3D culture concept to assess cell-matrix interactions implicated in carcinogenesis: a synthetic hydrogel matrix equipped with key biomimetic features, namely incorporated cell integrin-binding motifs (e.g. RGD peptides) and the ability of being degraded by cell-secreted proteases (e.g. matrix metalloproteases). As a cell model, we chose epithelial ovarian cancer, an aggressive disease typically diagnosed at an advanced stage when chemoresistance occurs. Both cell lines used (OV-MZ-6, SKOV-3) proliferated similarly in 2D, but not in 3D. Spheroid formation was observed exclusively in 3D when cells were embedded within hydrogels. By exploiting the design flexibility of the hydrogel characteristics, we showed that proliferation in 3D was dependent on cell-integrin engagement and the ability of cells to proteolytically remodel their extracellular microenvironment. Higher survival rates after exposure to the anti-cancer drug paclitaxel were observed in cell spheroids grown in hydrogels (40-60%) compared to cell monolayers in 2D (20%). Thus, 2D evaluation of chemosensitivity may not reflect pathophysiological events seen in patients. Because of the design flexibility of their characteristics and their stability in long-term cultures (28 days), these biomimetic hydrogels represent alternative culture systems for the increasing demand in cancer research for more versatile, physiologically relevant and reproducible 3D matrices.
Resumo:
The development of growth factor delivery strategies to circumvent the burst release phenomenon prevalent in most current systems has driven research towards encapsulating molecules in resorbable polymer matrices. For these polymer release techniques to be efficacious in a clinical setting, several key points need to be addressed. This present study has investigated the encapsulation of the growth factor, BMP-2 within PLGA/PLGA-PEG-PLGA microparticles. Morphology, size distribution, encapsulation efficiency and release kinetics were investigated and we have demonstrated a sustained release of bioactive BMP-2. Furthermore, biocompatibility of the PLGA microparticles was established and released BMP-2 was shown to promote the differentiation of MC3T3-E1 cells towards the osteogenic lineage to a greater extent than osteogenic supplements (as early as day 10 in culture), as determined using alkaline phosphatase and alizarin red assays. This study showcases a potential BMP-2 delivery system which may now be translated into more complex delivery systems, such as 3D, mechanically robust scaffolds for bone tissue regeneration applications.
Resumo:
We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which `classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as `assigning the least privilege' and `reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java bytecode.
Resumo:
The contributions of this thesis fall into three areas of certificateless cryptography. The first area is encryption, where we propose new constructions for both identity-based and certificateless cryptography. We construct an n-out-of- n group encryption scheme for identity-based cryptography that does not require any special means to generate the keys of the trusted authorities that are participating. We also introduce a new security definition for chosen ciphertext secure multi-key encryption. We prove that our construction is secure as long as at least one authority is uncompromised, and show that the existing constructions for chosen ciphertext security from identity-based encryption also hold in the group encryption case. We then consider certificateless encryption as the special case of 2-out-of-2 group encryption and give constructions for highly efficient certificateless schemes in the standard model. Among these is the first construction of a lattice-based certificateless encryption scheme. Our next contribution is a highly efficient certificateless key encapsulation mechanism (KEM), that we prove secure in the standard model. We introduce a new way of proving the security of certificateless schemes based that are based on identity-based schemes. We leave the identity-based part of the proof intact, and just extend it to cover the part that is introduced by the certificateless scheme. We show that our construction is more efficient than any instanciation of generic constructions for certificateless key encapsulation in the standard model. The third area where the thesis contributes to the advancement of certificateless cryptography is key agreement. Swanson showed that many certificateless key agreement schemes are insecure if considered in a reasonable security model. We propose the first provably secure certificateless key agreement schemes in the strongest model for certificateless key agreement. We extend Swanson's definition for certificateless key agreement and give more power to the adversary. Our new schemes are secure as long as each party has at least one uncompromised secret. Our first construction is in the random oracle model and gives the adversary slightly more capabilities than our second construction in the standard model. Interestingly, our standard model construction is as efficient as the random oracle model construction.
Resumo:
We report on the use of the hydrogen bond accepting properties of neutral nitrone moieties to prepare benzylic-amide-macrocycle-containing [2]rotaxanes in yields as high as 70 %. X-Ray crystallography shows the presence of up to four intercomponent hydrogen bonds between the amide groups of the macrocycle and the two nitrone groups of the thread. Dynamic 1H NMR studies of the rates of macrocycle pirouetting in nonpolar solutions indicate that amide-nitrone hydrogen bonds are particularly strong, ~1.3 and ~0.2 kcal mol-1 stronger than similar amide-ester and amide-amide interactions, respectively. In addition to polarizing the N-O bond through hydrogen bonding, the rotaxane structure affects the chemistry of the nitrone groups in two significant ways: The intercomponent hydrogen bonding activates the nitrone groups to electrochemical reduction, a one electron reduction of the rotaxane being stablized by a remarkable 400 mV (8.1 kcal mol-1) with respect to the same process in the thread; encapsulation, however, protects the same functional groups from chemical reduction with an external reagent (and slows down electron transfer to and from the electroactive groups in cyclicvoltammetry experiments). Mechanical interlocking with a hydrogen bonding molecular sheath thus provides a route to an encapsulated polarized functional group and radical anions of significant kinetic and thermodynamic stability.
Resumo:
Existing secure software development principles tend to focus on coding vulnerabilities, such as buffer or integer overflows, that apply to individual program statements, or issues associated with the run-time environment, such as component isolation. Here we instead consider software security from the perspective of potential information flow through a program’s object-oriented module structure. In particular, we define a set of quantifiable "security metrics" which allow programmers to quickly and easily assess the overall security of a given source code program or object-oriented design. Although measuring quality attributes of object-oriented programs for properties such as maintainability and performance has been well-covered in the literature, metrics which measure the quality of information security have received little attention. Moreover, existing securityrelevant metrics assess a system either at a very high level, i.e., the whole system, or at a fine level of granularity, i.e., with respect to individual statements. These approaches make it hard and expensive to recognise a secure system from an early stage of development. Instead, our security metrics are based on well-established compositional properties of object-oriented programs (i.e., data encapsulation, cohesion, coupling, composition, extensibility, inheritance and design size), combined with data flow analysis principles that trace potential information flow between high- and low-security system variables. We first define a set of metrics to assess the security quality of a given object-oriented system based on its design artifacts, allowing defects to be detected at an early stage of development. We then extend these metrics to produce a second set applicable to object-oriented program source code. The resulting metrics make it easy to compare the relative security of functionallyequivalent system designs or source code programs so that, for instance, the security of two different revisions of the same system can be compared directly. This capability is further used to study the impact of specific refactoring rules on system security more generally, at both the design and code levels. By measuring the relative security of various programs refactored using different rules, we thus provide guidelines for the safe application of refactoring steps to security-critical programs. Finally, to make it easy and efficient to measure a system design or program’s security, we have also developed a stand-alone software tool which automatically analyses and measures the security of UML designs and Java program code. The tool’s capabilities are demonstrated by applying it to a number of security-critical system designs and Java programs. Notably, the validity of the metrics is demonstrated empirically through measurements that confirm our expectation that program security typically improves as bugs are fixed, but worsens as new functionality is added.
Resumo:
In many applications, where encrypted traffic flows from an open (public) domain to a protected (private) domain, there exists a gateway that bridges the two domains and faithfully forwards the incoming traffic to the receiver. We observe that indistringuishability against (adaptive) chosen-ciphertext attacks (IND-CCA), which is a mandatory goal in face of active attacks in a public domain, can be essentially relaxed to indistinguishability against chosen-plaintext attacks (IND-CPA) for ciphertexts once they pass the gateway that acts as an IND-CCA/CPA filter by first checking the validity of an incoming IND-CCA ciphertext, then transforming it (if valid) into an IND-CPA ciphertext, and forwarding the latter to the receipient in the private domain. "Non-trivial filtering" can result in reduced decryption costs on the receivers' side. We identify a class of encryption schemes with publicaly verifiable ciphertexts that admit generic constructions of (non-trivial) IND-CCA/CPA filters. These schemes are characterized by existence of public algorithms that can distinguish between valid and invalid ciphertexts. To this end, we formally define (non-trivial) public verifiability of ciphertexts for general encryption schemes, key encapsulation mechanisms, and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption flavours. We further analyze the security impact of public verifiability and discuss generic transformations and concrete constructions that enjoy this property.
Resumo:
This paper describes how a team from a large company, when faced with a challenge to develop new customers in fast growing international markets, carried out the exploration of the needs of new clients in the largely unexplored market space of a developing country. This team used design methods and processes to identify the latent needs of new customers in situations of major economic, geographical, cultural and financial constraints. This encapsulation of the life experiences of potential customers is used extensively in some new product development, but is largely novel to business practices and in processes of developing new services. This research links with the sub-theme of discovering creativity in necessity and highlights the potential benefits of design methodologies to create new possibilities for better accessibility of the company’s products to new clients, with future implications for organizational strategy. The overall theme of Design for the Colloquium encourages exploration of the ways and means of developing new ideas for new business with better outcomes, using design concepts and design technologies.
Resumo:
There remains a substantial shortfall in treatment of severe skeletal injuries. The current gold standard of autologous bone grafting from the same patient, has many undesirable side effects associated such as donor site morbidity. Tissue engineering seeks to offer a solution to this problem. The primary requirements for tissue engineered scaffolds have already been well established, and many materials, such as polyesters, present themselves as potential candidates for bone defects; they have comparable structural features, but they often lack the required osteoconductivity to promote adequate bone regeneration. By combining these materials with biological growth factors; which promote the infiltration of cells into the scaffold as well as the differentiation into the specific cell and tissue type, it is possible to increase the formation of new bone. However cost and potential complications associated with growth factors means controlled release is an important consideration in the design of new bone tissue engineering strategies. This review will cover recent research in the area of encapsulation and release of growth factors within a variety of different polymeric scaffolds.
