A verifiable random function with short proofs and keys
•Download as PPT, PDF•
1 like•791 views
The document describes a construction of a verifiable random function (VRF) that improves upon previous work. It directly constructs a VRF without using Goldreich-Levin hardcore bits, allows inputs of arbitrary size without encoding, and has proofs and keys consisting of a constant number of group elements. The security of the VRF relies on complexity assumptions in bilinear groups and it finds applications like non-interactive lotteries and compact e-cash schemes.
Report
Share
Report
Share
![Outline ,[object Object],[object Object],[object Object],[object Object],[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommended
zk-SNARKsの仕組みについて
zk-SNARKs are zero-knowledge succinct non-interactive arguments of knowledge that allow a prover to convince a verifier of a statement without revealing details. They work by converting a function and its inputs/outputs into a quadratic arithmetic program (QAP) represented as polynomials. This allows a verifier to efficiently check a proof generated by the prover using techniques like Lagrange interpolation and pairings on elliptic curves to ensure the polynomials satisfy the QAP without directly evaluating the function. The setup requires a "trusted setup" but then allows very efficient verification.
計算スケジューリングの効果~もし,Halideがなかったら?~
Halide勉強会資料
https://halide-ug.connpass.com/event/91556/
コードは参考までに以下に上げました.
https://github.com/norishigefukushima/gaussian_Halide_study
Unityとシェーダで描く360度フラクタル
画像検索などで「3Dフラクタル」と検索をかけると、実に不思議な画像がたくさん見つかります。これらの3Dフラクタル画像の多くは「レイマーチング法」とよばれる手法によって描かれています。
本資料ではこのレイマーチング法による3Dフラクタル描画をUnityを用いて行う方法を(なるべく初心者にも分かるように)紹介します。さらにプラネタリウムのようなドーム映像や、VR映像にも使用できる形式での描画方法も紹介していきます。
テストとリファクタリングに関する深い方法論 #wewlc_jp
レガシーコード改善勉強会 in Yahoo Japan 2014.09.27
プロジェクトに対する方法論構築と、タスクマネジメントについての紹介
後半はMikado Methodの簡易紹介です。
Recommended
zk-SNARKsの仕組みについて
zk-SNARKs are zero-knowledge succinct non-interactive arguments of knowledge that allow a prover to convince a verifier of a statement without revealing details. They work by converting a function and its inputs/outputs into a quadratic arithmetic program (QAP) represented as polynomials. This allows a verifier to efficiently check a proof generated by the prover using techniques like Lagrange interpolation and pairings on elliptic curves to ensure the polynomials satisfy the QAP without directly evaluating the function. The setup requires a "trusted setup" but then allows very efficient verification.
計算スケジューリングの効果~もし,Halideがなかったら?~
Halide勉強会資料
https://halide-ug.connpass.com/event/91556/
コードは参考までに以下に上げました.
https://github.com/norishigefukushima/gaussian_Halide_study
Unityとシェーダで描く360度フラクタル
画像検索などで「3Dフラクタル」と検索をかけると、実に不思議な画像がたくさん見つかります。これらの3Dフラクタル画像の多くは「レイマーチング法」とよばれる手法によって描かれています。
本資料ではこのレイマーチング法による3Dフラクタル描画をUnityを用いて行う方法を(なるべく初心者にも分かるように)紹介します。さらにプラネタリウムのようなドーム映像や、VR映像にも使用できる形式での描画方法も紹介していきます。
テストとリファクタリングに関する深い方法論 #wewlc_jp
レガシーコード改善勉強会 in Yahoo Japan 2014.09.27
プロジェクトに対する方法論構築と、タスクマネジメントについての紹介
後半はMikado Methodの簡易紹介です。
"Simple Made Easy" Made Easy
This document discusses the concept of "simple" and "easy" as it relates to programming languages and Clojure in particular. It explores the differences between concepts that are simple versus complex, and easy versus hard. It provides examples of how Clojure aims to make programming simple by avoiding unnecessary complexity through choices like immutable data and avoiding side effects.
知識グラフの埋め込みとその応用 (第10回ステアラボ人工知能セミナー)
講演者: 林克彦 先生 (NTTコミュニケーション科学基礎研究所)
概要: 情報検索, 自然言語処理, バイオインフォマティクスなどの分野では知識グラフの構築が活発に行われてきた. 知識グラフでは知識をドメイン内の概念と概念の間の関係で記述し, それをグラフとして表現する. 例えば, 語彙間の関係を記述した WordNet や
Freebase は知識グラフの代表的な例であり, 情報抽出, 質問応答などへの応用が期待されている. このような知識グラフは一般に大規模であるが, 本来登録されているべき知識の多くが欠落しているなど不完全であることが知られている. そのため, 近年では関係データ学習/リンク予測法を拡張することで, このような欠落を自動的に補完する技術が研究されてきた. 知識グラフの関係データ学習は一般に3次隣接テンソルの低ランク近似 (埋め込み) の問題として解かれるが, 知識グラフ特有の問題から CP 分解などの単純なテンソル分解では上手くモデル化できないことがわかってきている. ここでは知識グラフ特有の問題について整理し, その問題を克服するために提案されたいくつかの手法についてまとめる.
今日からできる!簡単 .NET 高速化 Tips
Event : Visual Studio Users Community Japan #1
Date : 2019/09/14
ソフトウェア/サービス開発において最も後回しにされるものの代表が「パフォーマンスの向上」です。C#/.NET の最大の武器は開発生産性ですが、C# 7.0 以降はパフォーマンス向上のための機能追加が多数行われています。いくつかのポイントを押さえることで実装時からより高速なコードを書くことができるようになります。
このドキュメントでは、そんなポイントとなる箇所をふんだんにお届けします。
C# 8.0 null許容参照型
Visual Studio Users Community Japan #1 にて登壇。
https://vsuc.connpass.com/event/143114/
C# 8.0の目玉機能の1つ、null許容参照型について解説。
LibreOffice Impress で アウトラインやマスタースライドを使おう!
Impressのアウトライン、マスタースライドを紹介した簡単なスライドです。
LILO/東海道らぐオンラインミーティングの発表資料を一部アップデートしたものです。
https://lilo.connpass.com/event/175279/
夏のトップカンファレンス論文読み会 / Realtime Multi-Person 2D Pose Estimation using Part Affin...
夏のトップカンファレンス論文読み会(2017/09/18)での発表資料です。
- connpass: https://abeja-innovation-meetup.connpass.com/event/63466/
画像のエンコードによる部位検出と部位関連度推定による, 複数人の体の部位のリアルタイム検出.
JIRA / Confluence の
必須プラグインはこれだ
JIRA / Confluenceの必須プラグインを紹介したいと思います。
使ってみないと分からないのがプラグイン。されど忙しくと中々評価に時間をさくことが出来ないのも実情。
実際使っているプラグインとその感想について共有したいと思います。
Flutter移行の苦労と、乗り越えた先に得られたもの
iOS/Android共にリリースから10年を迎えたじゃらんアプリでは、さらなる開発効率と品質の向上を目指しFlutterへの順次移行に挑戦しています。本資料では、その過程で得られた知見についてまとめています。
Threshold and Proactive Pseudo-Random Permutations
The document summarizes research on constructing the first threshold and proactive pseudo-random permutation (PRP). It presents a new oblivious distributed pseudo-random function and uses it with the Luby-Rackoff construction to build a distributed PRP. The protocol allows n servers to compute encryptions/decryptions in O(1) rounds as long as less than (n-1)/2 servers are corrupted. It enables protocols like authenticated encryption to be made distributed.
Codes and Isogenies
The document summarizes a presentation on revocable identity-based encryption (RIBE) from codes with rank metric. Key points:
- RIBE adds an efficient revocation procedure to identity-based encryption by using a binary tree structure and key updates.
- The construction is based on low rank parity-check codes, with the master secret key defined as the "trapdoor" generated by the RankSign algorithm.
- Security relies on the rank syndrome decoding problem. Key updates are done efficiently through the binary tree with logarithmic complexity.
- Parameters are given that allow decoding of up to 2wr errors with small failure probability, suitable for the identity-based encryption scheme.
More Related Content
What's hot
"Simple Made Easy" Made Easy
This document discusses the concept of "simple" and "easy" as it relates to programming languages and Clojure in particular. It explores the differences between concepts that are simple versus complex, and easy versus hard. It provides examples of how Clojure aims to make programming simple by avoiding unnecessary complexity through choices like immutable data and avoiding side effects.
知識グラフの埋め込みとその応用 (第10回ステアラボ人工知能セミナー)
講演者: 林克彦 先生 (NTTコミュニケーション科学基礎研究所)
概要: 情報検索, 自然言語処理, バイオインフォマティクスなどの分野では知識グラフの構築が活発に行われてきた. 知識グラフでは知識をドメイン内の概念と概念の間の関係で記述し, それをグラフとして表現する. 例えば, 語彙間の関係を記述した WordNet や
Freebase は知識グラフの代表的な例であり, 情報抽出, 質問応答などへの応用が期待されている. このような知識グラフは一般に大規模であるが, 本来登録されているべき知識の多くが欠落しているなど不完全であることが知られている. そのため, 近年では関係データ学習/リンク予測法を拡張することで, このような欠落を自動的に補完する技術が研究されてきた. 知識グラフの関係データ学習は一般に3次隣接テンソルの低ランク近似 (埋め込み) の問題として解かれるが, 知識グラフ特有の問題から CP 分解などの単純なテンソル分解では上手くモデル化できないことがわかってきている. ここでは知識グラフ特有の問題について整理し, その問題を克服するために提案されたいくつかの手法についてまとめる.
今日からできる!簡単 .NET 高速化 Tips
Event : Visual Studio Users Community Japan #1
Date : 2019/09/14
ソフトウェア/サービス開発において最も後回しにされるものの代表が「パフォーマンスの向上」です。C#/.NET の最大の武器は開発生産性ですが、C# 7.0 以降はパフォーマンス向上のための機能追加が多数行われています。いくつかのポイントを押さえることで実装時からより高速なコードを書くことができるようになります。
このドキュメントでは、そんなポイントとなる箇所をふんだんにお届けします。
C# 8.0 null許容参照型
Visual Studio Users Community Japan #1 にて登壇。
https://vsuc.connpass.com/event/143114/
C# 8.0の目玉機能の1つ、null許容参照型について解説。
LibreOffice Impress で アウトラインやマスタースライドを使おう!
Impressのアウトライン、マスタースライドを紹介した簡単なスライドです。
LILO/東海道らぐオンラインミーティングの発表資料を一部アップデートしたものです。
https://lilo.connpass.com/event/175279/
夏のトップカンファレンス論文読み会 / Realtime Multi-Person 2D Pose Estimation using Part Affin...
夏のトップカンファレンス論文読み会(2017/09/18)での発表資料です。
- connpass: https://abeja-innovation-meetup.connpass.com/event/63466/
画像のエンコードによる部位検出と部位関連度推定による, 複数人の体の部位のリアルタイム検出.
JIRA / Confluence の
必須プラグインはこれだ
JIRA / Confluenceの必須プラグインを紹介したいと思います。
使ってみないと分からないのがプラグイン。されど忙しくと中々評価に時間をさくことが出来ないのも実情。
実際使っているプラグインとその感想について共有したいと思います。
Flutter移行の苦労と、乗り越えた先に得られたもの
iOS/Android共にリリースから10年を迎えたじゃらんアプリでは、さらなる開発効率と品質の向上を目指しFlutterへの順次移行に挑戦しています。本資料では、その過程で得られた知見についてまとめています。
What's hot (20)
夏のトップカンファレンス論文読み会 / Realtime Multi-Person 2D Pose Estimation using Part Affin...
夏のトップカンファレンス論文読み会 / Realtime Multi-Person 2D Pose Estimation using Part Affin...
Similar to A verifiable random function with short proofs and keys
Threshold and Proactive Pseudo-Random Permutations
The document summarizes research on constructing the first threshold and proactive pseudo-random permutation (PRP). It presents a new oblivious distributed pseudo-random function and uses it with the Luby-Rackoff construction to build a distributed PRP. The protocol allows n servers to compute encryptions/decryptions in O(1) rounds as long as less than (n-1)/2 servers are corrupted. It enables protocols like authenticated encryption to be made distributed.
Codes and Isogenies
The document summarizes a presentation on revocable identity-based encryption (RIBE) from codes with rank metric. Key points:
- RIBE adds an efficient revocation procedure to identity-based encryption by using a binary tree structure and key updates.
- The construction is based on low rank parity-check codes, with the master secret key defined as the "trapdoor" generated by the RankSign algorithm.
- Security relies on the rank syndrome decoding problem. Key updates are done efficiently through the binary tree with logarithmic complexity.
- Parameters are given that allow decoding of up to 2wr errors with small failure probability, suitable for the identity-based encryption scheme.
Tensor Completion for PDEs with uncertain coefficients and Bayesian Update te...
Tensor Completion for PDEs with uncertain coefficients and Bayesian Update te...Alexander Litvinenko
We tried to see how tensor completion techniques can be useful for stochastic forward problems and Bayesian UpdateOn the Impossibility of Batch Update for Cryptographic Accumulators
This document summarizes a paper on the impossibility of batch updates for cryptographic accumulators. It shows that batch updates, which allow efficient witness updates for multiple insertions and deletions with a single update, cannot be achieved for cryptographic accumulators. The proof demonstrates that the size of the update information required is Ω(m log(N/m)), where m is the number of deletions and N is the total number of elements. Therefore, the size of the update information grows with the number of deletions, preventing truly efficient batch updates.
Digital Signatures: Reassessing security of randomizable signatures
The document summarizes research on differential attacks against deterministic digital signatures like EdDSA. It finds that removing randomness from signature generation does not eliminate all attack vectors, identifying 8 fault attacks and 1 side-channel attack. Fully compliant countermeasures per the EdDSA specification have significant performance impacts. Alternatively, introducing high-quality randomness where possible allows cheaper countermeasures without affecting key generation or verification. The research aims to inform standardization bodies on defining new digital signature algorithms.
The International Journal of Engineering and Science (IJES)
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
IRJET- Securing Cloud Data Under Key Exposure
This document presents Bastion, a new encryption scheme that aims to ensure data confidentiality even if the encryption key is exposed. Bastion uses block cipher encryption in counter mode to encrypt plaintext data into ciphertext blocks. It then applies an efficient linear transformation to the ciphertext blocks. This linear transformation distributes information across all ciphertext blocks such that any individual block provides no information about the plaintext, even with knowledge of the encryption key. The scheme is designed to preserve confidentiality as long as an adversary does not have access to more than one ciphertext block. The document analyzes the security and performance of Bastion and suggests it could be integrated into existing cloud storage systems with low overhead.
IRJET- Data Analysis for Braking System in Time Domain for Fault Diagnosis
This document discusses securing cloud data when encryption keys are exposed. It presents a system that distributes encrypted data across multiple cloud storage servers administered by different entities. This is done to limit an attacker's access even if they acquire the encryption key, as they would not be able to compromise every server. The paper studies data confidentiality against an adversary who knows the encryption key and has access to most but not all of the encrypted data blocks. It proposes a new security definition to capture this threat and evaluates a prototype implementation to measure performance overhead.
Tensor Train data format for uncertainty quantification
We start with motivation, few examples of uncertainties. Then we discretize elliptic PDE with uncertain coefficients, apply TT format for permeability, the stochastic operator and for the solution. We compare sparse multi-index set approach with full multi-index+TT.
Tensor Train format allows us to keep the whole multi-index set, without any multi-index set truncation.
Fast parallelizable scenario-based stochastic optimization
Fast parallelizable scenario-based stochastic optimization: a forward-backward LBFGS method for stochastic optimal control problems with global convergence rate guarantees. (Talk at EUCCO 2016, Leuven, Belgium).
6-Nfa & equivalence with RE.pdf
- An NFA can be converted to an equivalent DFA using the subset construction. This involves constructing states of the DFA that correspond to subsets of states of the NFA.
- The subset construction results in an exponential blow-up in the number of states between the NFA and DFA. There is an NFA with n+1 states that requires a DFA with at least 2^n states.
- An epsilon-NFA (ε-NFA) allows epsilon transitions and can be converted to an equivalent DFA using a similar subset construction approach.
zkStudyClub: PLONKUP & Reinforced Concrete [Luke Pearson, Joshua Fitzgerald, ...
This week, Luke Pearson (Polychain Capital) and Joshua Fitzgerald (Anoma) present their work on Plonkup, a protocol that combines Plookup and PLONK into a single, efficient protocol. The protocol relies on a new hash function, called Reinforced Concrete, written by Dmitry Khovratovich. The three of them will present their work together at this week's edition of zkStudyClub!
Slides:
---
To Follow the Zero Knowledge Podcast us at https://www.zeroknowledge.fm
To the listeners of Zero Knowledge Podcast, if you like what we do:
- Follow us on Twitter - @zeroknowledgefm
- Join us on Telegram - https://t.me/joinchat/TORo7aknkYNLHmCM
- Support our Gitcoin Grant - https://gitcoin.co/grants/329/zero-knowledge-podcast-2
- Support us on Patreon - https://www.patreon.com/zeroknowledge
FPGA based BCH Decoder
This document presents the design and implementation of an FPGA-based BCH decoder. It discusses BCH codes, which are binary error-correcting codes used in wireless communications. The implemented decoder is for a (15, 5, 3) BCH code, meaning it can correct up to 3 errors in a block of 15 bits. The decoder uses a serial input/output architecture and is implemented using VHDL on a FPGA device. It performs BCH decoding through syndrome calculation, running the Berlekamp-Massey algorithm to solve the key equation, and using Chien search to find error locations. The simulation result verifies correct decoding operation.
1508.07756v1
This document summarizes a research paper that proposes a new public key cryptosystem based on the difficulty of inverting the function F(x) = (a × x)Mod(2p)Div(2q). The cryptosystem includes a key exchange algorithm, public key encryption algorithm, and digital signature algorithm. The document analyzes the efficiency and security of the cryptosystem, showing it has O(n) faster time complexity than RSA and Diffie-Hellman. It also reduces breaking the cryptosystem to solving difficult SAT instances or sets of multivariate polynomial equations over F(2). Python implementations of the key exchange and signature algorithms are provided in appendices.
Spreading Rumors Quietly and the Subgroup Escape Problem
The document proposes a "blind coupon mechanism" (BCM) to spread signals or rumors quickly in a network while preventing an adversary from identifying the source or presence of the signal. The BCM uses an abstract group structure and instantiates it using elliptic curves over Z_n or bilinear groups. It allows processes to spread coupons by continually broadcasting and combining received coupons with their own, in a way that an adversary cannot distinguish dummy from signal coupons or forge new signal coupons.
Understanding Reed-Solomon code
Understanding the math of Reed-Solomon code (based on FEC code RS(544,514) used in IEEE 200/400GBASE-R)
Reed solomon Encoder and Decoder
The document outlines Reed-Solomon error correction codes. It discusses how Reed-Solomon codes encode data using a generator polynomial to produce parity check symbols. The document then describes how Reed-Solomon codes can decode errors using syndrome calculation, error location polynomials, and finding the error positions and values through algorithms like Forney's method and Chien search. Reed-Solomon codes are widely used in applications like CDs, DVDs, wireless communications and digital television for their ability to efficiently correct both random and burst errors.
104 Icdcit05
The document proposes using probabilistic turn-based 2.5 player games to model and analyze the security of key predistribution schemes in wireless sensor networks. It defines the game model and how it can capture an adversary attacking a scheme. The document analyzes a polynomial-based key predistribution scheme using this game model, showing how quantitative analysis can specify the scheme's security properties. It leaves open the problem of quantitatively solving time-bounded reachability in 2.5 player games and how well the model estimates security parameters.
Yoyak ScalaDays 2015
The document summarizes a presentation titled "Yoyak" given by Heejong Lee at ScalaDays 2015. The presentation introduces Yoyak, a static analysis framework developed by the speaker. It covers the following topics:
- Static analysis and abstract interpretation theory
- Implementation highlights of the Yoyak framework
- Experiences using Scala in developing Yoyak
- The roadmap for future development of Yoyak
Topology Matters in Communication
We study communication cost of computing functions when inputs are distributed among k processors, each of which is located at one vertex of a network/graph called a terminal. Every other node of the network also has a processor, with no input. The communication is point-to-point and the cost is the total number of bits exchanged by the protocol, in the worst case, on all edges. Our results show the effect of topology of the network on the total communication cost. We prove tight bounds for simple functions like Element-Distinctness (ED), which depend on the 1-median of the graph. On the other hand, we show that for a large class of natural functions like Set-Disjointness the communication cost is essentially n times the cost of the optimal Steiner tree connecting the terminals. Further, we show for natural composed functions like ED∘XOR and XOR∘ED, the naive protocols suggested by their definition is optimal for general networks. Interestingly, the bounds for these functions depend on more involved topological parameters that are a combination of Steiner tree and 1-median costs. To obtain our results, we use some tools like metric embeddings and linear programming whose use in the context of communication complexity is novel as far as we know. (Based on joint works with Jaikumar Radhakrishnan and Atri Rudra)
Similar to A verifiable random function with short proofs and keys (20)
Threshold and Proactive Pseudo-Random Permutations
Threshold and Proactive Pseudo-Random Permutations
Tensor Completion for PDEs with uncertain coefficients and Bayesian Update te...
Tensor Completion for PDEs with uncertain coefficients and Bayesian Update te...
On the Impossibility of Batch Update for Cryptographic Accumulators
On the Impossibility of Batch Update for Cryptographic Accumulators
Digital Signatures: Reassessing security of randomizable signatures
Digital Signatures: Reassessing security of randomizable signatures
The International Journal of Engineering and Science (IJES)
The International Journal of Engineering and Science (IJES)
IRJET- Data Analysis for Braking System in Time Domain for Fault Diagnosis
IRJET- Data Analysis for Braking System in Time Domain for Fault Diagnosis
Tensor Train data format for uncertainty quantification
Tensor Train data format for uncertainty quantification
Fast parallelizable scenario-based stochastic optimization
Fast parallelizable scenario-based stochastic optimization
zkStudyClub: PLONKUP & Reinforced Concrete [Luke Pearson, Joshua Fitzgerald, ...
zkStudyClub: PLONKUP & Reinforced Concrete [Luke Pearson, Joshua Fitzgerald, ...
Spreading Rumors Quietly and the Subgroup Escape Problem
Spreading Rumors Quietly and the Subgroup Escape Problem
More from Aleksandr Yampolskiy
New York REDIS Meetup Welcome Session
This document summarizes a New York Redis Meetup event. It introduces Aleksandr Yampolskiy and Danny Gershman, who will discuss Redis, a key-value store that can be used for caching, publishing/subscribing, and as a data store. Redis allows for fast, in-memory storage of data structures like strings, hashes, lists, sets and sorted sets. The document provides an overview of Redis' capabilities and common uses, such as caching, real-time analytics, and AOP caching. It also notes that Cinchcast is hiring for backend architect and frontend engineer roles.
"Managing software development" by Peter Bell
This document summarizes a presentation on managing software development. It discusses topics like deliberate discovery during iteration 0 to reduce risk, using story counts to measure scope, making estimates to inform budgeting decisions but not as commitments, using techniques like WIP limits and story maps to manage backlogs, defining "Done" with pre-agreed upon criteria, and taking an iterative development approach with incremental estimates. The overall presentation provides guidance on processes and practices for effectively planning and managing a software development project.
Recruiting Great Engineers in Six Easy Steps
Aleksandr Yampolskiy provides six steps for recruiting great engineers: 1) Look in places engineers frequent like meetups rather than just job boards, 2) Know what attracts developers like working with other great engineers and learning new technologies, 3) Move slowly in hiring and quickly in firing to find the right cultural fit, 4) Make recruitment a company-wide priority through referrals and selling the opportunity, 5) Be willing to try unconventional tactics to source candidates, and 6) Accept that failure is part of the process and learn from mistakes. The key is finding passionate engineers solving problems in new ways.
You Too Can Be a Radio Host Or How We Scaled a .NET Startup And Had Fun Doing It
You Too Can Be a Radio Host Or How We Scaled a .NET Startup And Had Fun Doing ItAleksandr Yampolskiy
The document discusses Cinchcast, a company that provides cloud-based software for creating and distributing voice-based content. It describes the backgrounds of the CTO and VP of Development and an overview of the company and its flagship product BlogTalkRadio. The document then discusses Cinchcast's technology stack, development processes, architecture improvements over time including moving to services and caching, and future projects. It concludes by describing open job positions and benefits of working at Cinchcast.Malware Goes to the Movies - Briefing
Malware can spread through media files like videos, music and images. Attackers use social engineering tricks to get users to download malware disguised as codecs or licenses. Various exploits in media file formats and plugins allow inserting malicious scripts. Users should disable risky player settings like URLANDEXIT, check files with scanning tools, and avoid untrusted sources.
Privacy and E-Commerce
The document summarizes key points about privacy in e-commerce from a presentation given by Aleksandr Yampolskiy, head of security and compliance at Gilt Groupe. It discusses how much personal information is readily available online, the difference between privacy and security, why people disclose personal information, challenges with privacy in e-commerce, and solutions companies can implement like having a clear privacy policy and controlling access to customer data.
Eight simple rules to writing secure PHP programs
This document provides eight rules for writing secure PHP programs:
1. Use proper cryptography and do not invent your own algorithms.
2. Validate all input from external sources before using.
3. Sanitize data sent to databases or other systems to prevent injection attacks.
4. Avoid leaking sensitive information through error messages or other means.
5. Properly manage user sessions to prevent hijacking and ensure users remain authenticated.
6. Enforce authentication and authorization separately using least privilege.
7. Use SSL/TLS to encrypt all authenticated or sensitive communications.
8. Keep security straightforward and avoid relying on obscurity.
Social media security challenges
Social media presents both opportunities and risks for individuals and organizations. It allows for quicker outreach to customers, improved branding and recruitment but also expands the potential attack surface. The document recommends that organizations address social media security by developing clear policies on allowed and prohibited uses, taking a permissive approach while monitoring usage, applying general web security best practices, and reminding employees to use separate personal and work passwords.
Social Engineering and What to do About it
The document discusses social engineering techniques and defenses against them. It defines social engineering as manipulating people into revealing sensitive information through deception. Various social engineering methods are described, including in-person manipulation, phone calls, emails, and fake websites. It explains how social engineers use techniques like impersonation, building rapport, and exploiting human tendencies to make targets feel obligated or conform to social pressures. The document recommends defenses like user education, identity verification protocols for customer support, and having an incident response plan to address social engineering attacks. The goal is to help organizations strengthen their "human firewall" against this threat.
OWASP Much ado about randomness
This document discusses randomness and random number generation. It notes that cryptography relies on random numbers, but that generating truly random numbers is difficult. While theory assumes a perfect random source, in practice pseudorandom number generators are used. Several examples are given of systems that used weak random number generation that led to security issues. Lessons discussed include the importance of unpredictable seeds for pseudorandom number generators and using cryptographically secure functions. The document contrasts truly random and pseudorandom number generation, and provides tips for analyzing randomness in programs and web applications.
Malware goes to the movies
This document summarizes trends in media malware and discusses case studies of attacks. It notes that media files like videos, music and images are common infection vectors because media is widely consumed online. Fake YouTube videos, malicious torrents, and exploits of media file formats like ASF are described as major attack methods. The document recommends disabling risky media player functions, using tools to detect malicious scripts in files, and verifying the reputation of URLs found in media before interacting with them. Detection of attacks and education of users on safe media practices are emphasized.
Inoculation strategies for victims of viruses
This document discusses strategies for containing computer viruses in a network. It presents a game theoretic model where nodes choose whether to install antivirus software. Nash equilibria are characterized but can be inefficient. Computing the optimal strategy that minimizes total infection risk is NP-hard. Approximating this solution can be reduced to the sum-of-squares partition problem, allowing for a near-optimal deployment. Open problems consider extensions like taxation mechanisms and strategic behavior.
Number theory lecture (part 1)
Cryptography and data security involves number theory concepts like groups, rings, fields, and modular arithmetic. Some key ideas discussed include:
1) The integers under addition form a cyclic group, and the theorem that for any finite group G and element a in G, a raised to the order of G is the identity element.
2) Modular arithmetic defines equivalence classes for integers modulo n, and the set of residues Zn forms an abelian group under addition.
3) The multiplicative integers modulo n, Zn*, form a group whose size is given by Euler's totient function φ(n). For prime p, φ(p) = p - 1.
Number theory lecture (part 2)
Cryptography and Data Security often relies on number theory concepts. This document reviews several key number theory topics used in cryptography, including: 1) integers modulo n and Euler's totient function; 2) Euler's theorem and Fermat's theorem; 3) the greatest common divisor and Euclid's algorithm; and 4) polynomials and finite fields. Finite fields play an important role in cryptography by allowing the representation of data as field elements.
Much ado about randomness. What is really a random number?
The document discusses weaknesses in random number generation and pseudorandom number generation (PRNG) that can be exploited by attackers. It provides examples of programs that used weak PRNGs, allowing session IDs and keys to be guessed. Lessons learned are that numbers used to derive keys and IDs must be truly random and unpredictable, and PRNGs must be cryptographically secure. Two types of randomness are defined: true randomness from unpredictable sources, and pseudorandomness from cryptographically secure PRNGs seeded with true randomness.
Secure information aggregation in sensor networks
The document summarizes the paper "Secure Information Aggregation in Sensor Networks" which proposes a framework called aggregate-commit-prove for securely computing aggregation functions like median, min/max, counting distinct elements in sensor networks even if sensors or aggregators are compromised. It describes the sensor network model, attack model, and gives concrete sublinear protocols for computing specific aggregation functions that allow the base station to detect incorrect results with high probability.
Towards a theory of data entangelement
The document proposes a model for entangling users' data to protect remotely stored data from server corruption. It defines six adversary classes based on the recovery algorithm (standard, public, private) and corruption method (destructive, arbitrary). It shows all-or-nothing integrity is possible in the standard-recovery model by using message authentication codes, but not in public/private models as adversaries can modify the recovery algorithm. Symmetric recovery is possible in the public model if encoding is symmetric. All-or-nothing integrity is achievable against destructive adversaries by interpolating a polynomial of the data.
Price of anarchy is independent of network topology
1. The document discusses a model for analyzing traffic flows in networks where individual agents route traffic selfishly according to latency costs.
2. It shows that for linear latency functions, the ratio between the cost of the Nash equilibrium flow and the optimal flow (the price of anarchy) is 4/3, independent of network topology.
3. For general latency functions, the price of anarchy may be larger and depends on properties of the latency function class, but is still independent of network topology.
Business Case Studies
The document outlines 11 case scenarios that an expert may encounter and provides questions to consider for each scenario. The scenarios include deciding whether to enter a new market, evaluating mergers and acquisitions, reducing costs, increasing sales and profits, executing a turnaround, responding to competitors, developing new products, determining pricing strategies, pursuing growth strategies, starting a new business, and using frameworks like the five C's and four P's for analysis.
More from Aleksandr Yampolskiy (19)
You Too Can Be a Radio Host Or How We Scaled a .NET Startup And Had Fun Doing It
You Too Can Be a Radio Host Or How We Scaled a .NET Startup And Had Fun Doing It
Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?
Price of anarchy is independent of network topology
Price of anarchy is independent of network topology
A verifiable random function with short proofs and keys
- 1. A Verifiable Random Function With Short Proofs and Keys Yevgeniy Dodis Aleksandr Yampolskiy (NYU) (Yale)