-
On-line Anomaly Detection and Qualification of Random Bit Streams
Authors:
Cesare Caratozzolo,
Valeria Rossi,
Kamil Witek,
Alberto Trombetta,
Massimo Caccia
Abstract:
Generating random bit streams is required in various applications, most notably cyber-security. Ensuring high-quality and robust randomness is crucial to mitigate risks associated with predictability and system compromise. True random numbers provide the highest unpredictability levels. However, potential biases in the processes exploited for the random number generation must be carefully monitored. This paper reports the implementation and characterization of an on-line procedure for the detection of anomalies in a true random bit stream. It is based on the NIST Adaptive Proportion and Repetition Count tests, complemented by statistical analysis relying on the Monobit and RUNS. The procedure is firmware implemented and performed simultaneously with the bit stream generation, and provides as well an estimate of the entropy of the source. The experimental validation of the approach is performed upon the bit streams generated by a quantum, silicon-based entropy source.
Submitted 19 September, 2024; v1 submitted 9 September, 2024;
originally announced September 2024.
-
A Serverless Architecture for Efficient and Scalable Monte Carlo Markov Chain Computation
Authors:
Fabio Castagna,
Alberto Trombetta,
Marco Landoni,
Stefano Andreon
Abstract:
Computer power is a constantly increasing demand in scientific data analyses, in particular when Markov Chain Monte Carlo (MCMC) methods are involved, for example for estimating integral functions or Bayesian posterior probabilities. In this paper, we describe the benefits of a parallel computation of MCMC using a cloud-based, serverless architecture: first, the computation time can be spread over thousands of processes, hence greatly reducing the time the user should wait to have its computation completed. Second, the overhead time required for running in parallel several processes is minor and grows logarithmically with respect to the number of processes. Third, the serverless approach does not require time-consuming efforts for maintaining and updating the computing infrastructure when/if the number of walkers increases or for adapting the code to optimally use the infrastructure. The benefits are illustrated with the computation of the posterior probability distribution of a real astronomical analysis.
Submitted 6 October, 2023;
originally announced October 2023.
-
QPQ 1DLT: A system for the rapid deployment of secure and efficient EVM-based blockchains
Authors:
Simone Bottoni,
Anwitaman Datta,
Federico Franzoni,
Emanuele Ragnoli,
Roberto Ripamonti,
Christian Rondanini,
Gokhan Sagirlar,
Alberto Trombetta
Abstract:
Limited scalability and transaction costs are, among others, some of the critical issues that hamper a wider adoption of distributed ledger technologies (DLT). That is particularly true for the Ethereum blockchain, which, so far, has been the ecosystem with the highest adoption rate. Quite a few solutions, especially on the Ethereum side of things, have been attempted in the last few years. Most of them adopt the approach to offload transactions from the blockchain mainnet, a.k.a. Level 1 (L1), to a separate network. Such systems are collectively known as Level 2 (L2) systems. While mitigating the scalability issue, the adoption of L2 introduces additional drawbacks: users have to trust that the L2 system has correctly performed transactions or, conversely, high computational power is required to prove transactions correctness. In addition, significant technical knowledge is needed to set up and manage such an L2 system. To tackle such limitations, we propose 1DLT: a novel system that enables rapid and trustless deployment of an Ethereum Virtual Machine based blockchain that overcomes those drawbacks.
Submitted 16 August, 2022;
originally announced August 2022.
-
Secure selections on encrypted multi-writer streams
Authors:
Angelo Massimo Perillo,
Giuseppe Persiano,
Alberto Trombetta
Abstract:
Performing searches over encrypted data is a very current and active area. Several efficient solutions have been provided for the single-writer scenario in which all sensitive data originates with one party (the Data Owner) that encrypts it and uploads it to a public repository. Subsequently the Data Owner (or authorized clients, the Query Sources) accesses the encrypted data through a Query Processor which has direct access to the public encrypted repository. Motivated by the recent trend in pervasive data collection, we depart from this model and consider a multi-writer scenario in which data originates with several and mutually untrusted parties. In this new scenario the Data Owner provides public parameters so that each item of the generated data stream can be put into an encrypted stream; moreover, the Data Owner keeps some related secret information needed to generate tokens so that different subscribers can access different subsets of the encrypted stream in clear, as specified by corresponding access policies. We propose a new public-key scheme, Secure Selective Stream (SSS), built upon an Amortized Encryption Scheme (AOE), that can be used to encrypt each item in the stream so that the ciphertexts have size proportional to the un-encrypted data; moreover, encryption and decryption take time linear in the data item size. We provide constructions for SSS and AOE. We provide a game-based and an indistinguishability-based security notions for SSS, we prove that the SSS scheme is game-based secure given that the AOE scheme is game-based secure as well. We prove that AOE is secure under hardness assumptions in the bilinear setting. We provide an implementation in C++ of all the basic operations in our multi-writer scenario using one round of communication.
Submitted 9 October, 2019; v1 submitted 29 January, 2019;
originally announced January 2019.
-
Answering queries using pairings
Authors:
Alberto Trombetta,
Giuseppe Persiano,
Stefano Braghin
Abstract:
Outsourcing data in the cloud has become nowadays very common. Since -- generally speaking -- cloud data storage and management providers cannot be fully trusted, mechanisms providing the confidentiality of the stored data are necessary. A possible solution is to encrypt all the data, but -- of course -- this poses serious problems about the effective usefulness of the stored data. In this work, we propose to apply a well-known attribute-based cryptographic scheme to cope with the problem of querying encrypted data. We have implemented the proposed scheme with a real-world, off-the-shelf RDBMS and we provide several experimental results showing the feasibility of our approach.
Submitted 11 March, 2014;
originally announced March 2014.
-
Secure and Policy-Private Resource Sharing in an Online Social Network
Authors:
Stefano Braghin,
Vincenzo Iovino,
Giuseppe Persiano,
Alberto Trombetta
Abstract:
Providing functionalities that allow online social network users to manage in a secure and private way the publication of their information and/or resources is a relevant and far from trivial topic that has been under scrutiny from various research communities. In this work, we provide a framework that allows users to define highly expressive access policies to their resources in a way that the enforcement does not require the intervention of a (trusted or not) third party. This is made possible by the deployment of a newly defined cryptographic primitive that provides - among other things - efficient access revocation and access policy privacy. Finally, we provide an implementation of our framework as a Facebook application, proving the feasibility of our approach.
Submitted 10 July, 2013;
originally announced July 2013.