single secret leader election
play

Single Secret Leader Election Dan Boneh Saba Eskandarian Lucjan - PowerPoint PPT Presentation

Dec 23, 2022 •401 likes •1.48k views

Single Secret Leader Election Dan Boneh Saba Eskandarian Lucjan Hanzlik Nicola Greco What is Single Secret Leader Election? A group of participants want to randomly choose exactly one leader, such that: 1. Identity of the leader is known only

  1. Three Constructions of SSLE DDH “Compromise” solution -- √N communication per election, 1/(√N-c) unpredictability Should be suitable for practical use cases Obfuscation Ideal solution, but uses theoretical tools tFHE Closer to realistic, only gives a threshold version of security

  2. SSLE from DDH The easiest single non-secret leader election User 1 User 1 User 1 Election User 2 User 2 User 2 R ∈ [N] Registration User 3 User 3 User 3 User 4 User 4 User 4 User 5 User 5

  3. SSLE from DDH The easiest single non-secret leader election User 1 User 1 User 1 Election ✅ Uniqueness User 2 User 2 User 2 R ∈ [N] Registration ✅ Fairness User 3 User 3 User 3 🆈 Unpredictability User 4 User 4 User 4 User 5 User 5 How to hide the leader?

  4. SSLE from DDH 1. Commitments User 1 User 1 User 1 Election ✅ Uniqueness User 2 User 2 User 2 R ∈ [N] Registration ✅ Fairness User 3 User 3 User 3 🆈 Unpredictability User 4 User 4 User 4 User 5 User 5

  5. SSLE from DDH 1. Commitments com(u1) com(u1) com(u1) Election ✅ Uniqueness com(u2) com(u2) com(u2) R ∈ [N] Registration ✅ Fairness com(u3) com(u3) com(u3) 🆈 Unpredictability com(u4) com(u4) com(u4) com(u5) com(u5)

  6. SSLE from DDH 1. Commitments 2. Shuffling com(u1) com(u1) com(u1) Election ✅ Uniqueness com(u2) com(u2) com(u2) R ∈ [N] Registration ✅ Fairness com(u3) com(u3) com(u3) 🆈 Unpredictability com(u4) com(u4) com(u4) com(u5) com(u5)

  7. SSLE from DDH ✅ Uniqueness 1. Commitments ✅ Fairness 2. Shuffling 🆈 Unpredictability Registration com(u1) com(u1) Part 2 com(u2) com(u2) Registration Election Part 1 com(u2) com(u2) com(u5) com(u5) R ∈ [N] com(u3) com(u3) com(u4) com(u4) com(u4) com(u4) com(u1) com(u1) com(u5) com(u3) com(u3)

  8. SSLE from DDH 🆈 Uniqueness 1. Commitments 🆈 Fairness 2. Shuffling 🆈 Unpredictability 3. Rerandomization Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  9. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  10. A Rerandomizable & Reidentifiable Commitment Let g ∈ G , G is a group where DDH is hard Com( k, r ) → (g r , g rk )

  11. A Rerandomizable & Reidentifiable Commitment Let g ∈ G , G is a group where DDH is hard Com( k, r ) → (g r , g rk ) Rerandomization: (g r , g rk ) → (g rr’ , g rr’k ) Reidentification: given (u,v) , check if u k = v

  12. A Rerandomizable & Reidentifiable Commitment Let g ∈ G , G is a group where DDH is hard Com( k, r ) → (g r , g rk ) Rerandomization: (g r , g rk ) → (g rr’ , g rr’k ) Reidentification: given (u,v) , check if u k = v Security follows from DDH: ( g r , g rk , g rr’ , g rr’k ) vs ( g r , g rk , g rr’ , g rz )

  13. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  14. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification 4. Verification of shuffle Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  15. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification 4. Verification of shuffle -- NIZK or other users check Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  16. SSLE from DDH 1. Commitments 2. Shuffling 3. Rerandomization & Reidentification 4. Verification of shuffle -- NIZK or other users check 5. Defend against duplication attacks Registration com(u1) com(u1) Part 2 com(u2)’ com(u2)’ Registration Election Part 1 com(u2) com(u2) com(u5)’ com(u5)’ R ∈ [N] com(u3) com(u3) com(u4)’ com(u4)’ com(u4) com(u4) com(u1)’ com(u1)’ com(u5) com(u3)’ com(u3)’

  17. Duplication Attack Registration com(u1) com(u1) com(u2)’ Part 2 Registration Part 1 com(u2) com(u2) com(u4)’’ com(u3) com(u3) com(u4)’ com(u4) com(u4) com(u1)’ com(u4) com(u3)’ Duplication attack makes it possible for 2 different users to register with a commitment to the same value Breaks uniqueness and unpredictability

  18. Preventing Duplication Attacks How to ensure that users never commit to the same value? Idea: Derive a secret commitment value and a tag from a master secret Sample random k H(k) →k L , k R Post com( k L ) and k R Registrations to the same secret detected by duplicate k R (H modeled as random oracle)

  19. Saving Communication Protocol thus far has required linear communication for each registration Registration com( k 1L ) com( k 1L ) com( k 1L )’ com( k 1L )’ Part 2 Registration Election Part 1 com( k 2L ) com( k 2L ) com( k 2L )’ com( k 2L )’ R ∈ [N] com( k 3L ) com( k 3L ) com( k 3L )’ com( k 3L )’ com( k 4L ) com( k 4L ) com( k 4L )’ com( k 4L )’ com( k 5L ) com( k 5L )’ com( k 5L )’

  20. Saving Communication Protocol thus far has required linear communication for each registration Registration com( k 1L ) com( k 1L ) com( k 1L )’ com( k 1L )’ Part 2 Registration Election Part 1 com( k 2L ) com( k 2L ) com( k 2L )’ com( k 2L )’ R ∈ [N] com( k 3L ) com( k 3L ) com( k 3L )’ com( k 3L )’ com( k 4L ) com( k 4L ) com( k 4L )’ com( k 4L )’ com( k 5L ) com( k 5L )’ com( k 5L )’ Communicating all this is expensive

  21. Saving Communication Communication/Security tradeoff: instead of shuffling new entry into the whole list, split the list into a number of buckets and only shuffle into one bucket.

  22. Saving Communication Communication/Security tradeoff: instead of shuffling new entry into the whole list, split the list into a number of buckets and only shuffle into one bucket. com( k 1L ) com( k 1L ) com( k √N+1,L ) com( k N-√N+1,L ) com( k 2L ) ... ... ... ... com( k 3L ) com( k √N,L ) com( k 2√N,L ) com( k N,L ) ... com( k NL )

  23. Saving Communication Communication/Security tradeoff: instead of shuffling new entry into the whole list, split the list into a number of buckets and only shuffle into one bucket. com( k 1L ) com( k 1L ) com( k √N+1,L ) com( k N-√N+1,L ) com( k 2L ) ... ... ... ... com( k 3L ) com( k √N,L ) com( k 2√N,L ) com( k N,L ) ... com( k NL ) Larger buckets mean more unpredictability but also more communication √N sized buckets seems like a good tradeoff

  24. Security With a deterministic choice of buckets, we get the following theorem:

  25. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability

  26. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability

  27. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability Open problem: we believe we can do better with a more clever shuffling/bucketing algorithm, e.g. by using something like a square shuffle [Hastad06]

  28. Security With a deterministic choice of buckets, we get the following theorem: We can do better by randomizing the choice of buckets, so an adversary needs to corrupt O(N) users to guess winner with constant probability Open problem: we believe we can do better with a more clever shuffling/bucketing algorithm, e.g. by using something like a square shuffle [Hastad06] Open problem: constant communication per election (in a practical scheme)

  29. SSLE from Obfuscation Obfuscation [BGI+01, GGH+13] Obfuscator iO(C) produces a new circuit C’ such that: 1. C and C’ have the exact same behavior. 2. For any two circuits C 0 , C 1 that have the exact same behavior, no adversary can distinguish between iO(C 0 ) and iO(C 1 ) .

  30. SSLE from Obfuscation Obfuscation [BGI+01, GGH+13] Obfuscator iO(C) produces a new circuit C’ such that: 1. C and C’ have the exact same behavior 2. For any two circuits C 0 , C 1 that have the exact same behavior, no adversary can distinguish between iO(C 0 ) and iO(C 1 ) Puncturable PRF [BW13, BGI14, KPTZ13] PRF where you can generate a punctured key that allows you to evaluate the PRF everywhere except at that point. Given the punctured key, the value of the PRF at the punctured point is still pseudorandom.

  31. SSLE from Obfuscation Plan: 1. Write a program that picks leader using secret key embedded in the program 2. Obfuscate program during trusted setup and distribute to everyone 3. Any participant just needs to post a public key to register for elections 4. Obfuscated program output should allow leader to prove she won

  32. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R):

  33. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s)

  34. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. Output b

  35. SSLE from Obfuscation Program to obfuscate, first attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s) 🆈 Anyone can learn the leader by 3. b←1 if i = w mod n, b←0 otherwise trying each value of i 4. Output b

  36. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. w←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  37. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  38. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. ct←Encrypt(pk i , b; r) 5. Output ct

  39. SSLE from Obfuscation Program to obfuscate, second attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. ct←Encrypt(pk i , b; r) 🆈 Not clear how winner can prove 5. Output ct that she won the election

  40. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w, r)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  41. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4.

  42. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r)

  43. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct

  44. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct

  45. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct Why not encrypt?

  46. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct Why not encrypt? If the encryption does not commit, adversary could potentially find bad randomness that allows a non-winning ciphertext to decrypt to 1

  47. SSLE from Obfuscation Program to obfuscate, final attempt P((pk 0 , …, pk N-1 ), i, N, R): ✅ Elects one leader randomly based on secret key 1. s ←R, pk 0 , …, pk N-1 2. (w,r,r’)←F(k,s) ✅ Only user i can decrypt b i 3. b←1 if i = w mod n, b←0 otherwise 4. c ←com(b; r) ✅ Prove leadership by revealing r 5. ct←Encrypt(pk i , r; r’) 6. Output c, ct See paper for proofs of uniqueness, selective fairness, selective unpredictability

  48. SSLE from tFHE Reminder: why can’t we use a generic MPC protocol for SSLE? Easy DoS opportunity if everyone has to come back for a second round

  49. SSLE from tFHE Reminder: why can’t we use a generic MPC protocol for SSLE? Easy DoS opportunity if everyone has to come back for a second round What if only a few people have to come back and it doesn’t matter which ones?

  50. SSLE from tFHE Reminder: why can’t we use a generic MPC protocol for SSLE? Easy DoS opportunity if everyone has to come back for a second round What if only a few people have to come back and it doesn’t matter which ones? Tools from threshold crypto can enable this!

  51. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext.

  52. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext. Fully Homomorphic Encryption (FHE): Standard public-key encryption, but ciphertexts can be added together and multiplied. Expensive operation is multiplication, high multiplicative depth is especially costly.

  53. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext. Fully Homomorphic Encryption (FHE): Standard public-key encryption, but ciphertexts can be added together and multiplied. Expensive operation is multiplication, high multiplicative depth is especially costly. Threshold FHE (tFHE): Combine the two tools above.

  54. SSLE from tFHE Threshold Encryption: Standard public-key encryption, but instead of one secret key, many users have shares of a secret key that produce partial decryptions , with t partial decryptions needed to produce a plaintext. Fully Homomorphic Encryption (FHE): Standard public-key encryption, but ciphertexts can be added together and multiplied. Expensive operation is multiplication, high multiplicative depth is especially costly. Using these tools, we can only really hope for Threshold FHE (tFHE): threshold unpredictability and fairness Combine the two tools above.

  55. SSLE from tFHE Plan: 1. All participants get a tFHE decryption key 2. Define a computation that picks the leader 3. Evaluate computation under tFHE 4. Some subset of t users post partial decryptions 5. Output of computation somehow secretly determines winner

  56. SSLE from tFHE Plan: 1. All participants get a tFHE decryption key 2. Define a computation that picks the leader 3. Evaluate computation under tFHE 4. Some subset of t users post partial decryptions 5. Output of computation somehow secretly determines winner Unlike the obfuscation case, everyone gets the same output.

  57. SSLE from tFHE Idea: Each participant registers with a secret k Output of computation is the secret of a randomly chosen participant The participant knows her secret, but nobody else knows who owns it

  58. SSLE from tFHE Idea: Each participant registers with a secret k Output of computation is the secret of a randomly chosen participant The participant knows her secret, but nobody else knows who owns it Main remaining problems to solve: 1. Efficiently generating randomness inside the tFHE 2. Efficiently using the randomness to pick someone’s secret

  59. SSLE from tFHE Idea: Each participant registers with a secret k Output of computation is the secret of a randomly chosen participant The participant knows her secret, but nobody else knows who owns it Main remaining problems to solve: 1. Efficiently generating randomness inside the tFHE 2. Efficiently using the randomness to pick someone’s secret See paper for other details

  60. SSLE from tFHE k 1 k 2 k 3 k 4 k 5

  61. SSLE from tFHE k 1 0 k 2 0 = k 4 k 3 0 k 4 1 k 5 0 Random weight-1 vector

  62. SSLE from tFHE k 1 0 How can we efficiently generate a k 2 0 random weight-1 vector given some = k 4 k 3 0 random bits inside the tFHE? k 4 1 “efficiently” = low multiplicative depth k 5 0 Random weight-1 vector

  63. SSLE from tFHE 1. Start with logN random bits 0 1 1 0

Recommend

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in the Hypercube Election in an arbitrary graph - Leader Election = Breaking Symmetry Getting into the restricted world with Unique Initiator so

512 views • 35 slides
UC UC b Overview Leader Election Protocol Dynamic Voltage Scaling Optimal

UC UC b Overview Leader Election Protocol Dynamic Voltage Scaling Optimal

APPLICATIONS UC UC b Overview Leader Election Protocol Dynamic Voltage Scaling Optimal Reconfiguration of FPGA Memory Interface UC UCb Leader Election Protocol UC UC b Leader Election 2 1 0 3 Protocol by Leslie

917 views • 62 slides
Leader Election Stefan Schmid @ T-Labs, 2011 Motivation Leader Election Nodes in network agree

Leader Election Stefan Schmid @ T-Labs, 2011 Motivation Leader Election Nodes in network agree

Foundations of Distributed Systems: Leader Election Stefan Schmid @ T-Labs, 2011 Motivation Leader Election Nodes in network agree on exactly one leader. All other nodes are followers. Reasons for electing a leader? Reasons for not electing a

334 views • 29 slides
Leader Election in a Synchronous Ring Paulo S ergio Almeida Distributed Systems Group

Leader Election in a Synchronous Ring Paulo S ergio Almeida Distributed Systems Group

Leader Election in a Synchronous Ring Paulo S ergio Almeida Distributed Systems Group Departamento de Inform atica Universidade do Minho 20072010 Paulo S c ergio Almeida Leader Election in a Synchronous Ring 1 Leader election

384 views • 35 slides
Advanced Network Security 2. Distributed Algorithms: Leader Election Jaap-Henk Hoepman Digital

Advanced Network Security 2. Distributed Algorithms: Leader Election Jaap-Henk Hoepman Digital

Advanced Network Security 2. Distributed Algorithms: Leader Election Jaap-Henk Hoepman Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // * jhh@cs.ru.nl // 8 www.cs.ru.nl/~jhh Leader election: motivation n IBM token

421 views • 27 slides
Problem Silent Self-stabilizing Leader Election Model: Locally shared memory model

Problem Silent Self-stabilizing Leader Election Model: Locally shared memory model

Self-Stabilizing Leader Election in Polynomial Steps 1 Karine Altisen Alain Cournier Stphane Devismes Anas Durand Franck Petit September 29, 2014 1This work has been partially supported by the LabEx PERSYVAL-Lab (ANR-11-LABX-0025-01) and

1.83k views • 181 slides
Election in Trees and Rings T-79.4001 Seminar on Theoretical Computer Science Ilari Nieminen

Election in Trees and Rings T-79.4001 Seminar on Theoretical Computer Science Ilari Nieminen

Leader Election Election in Trees Election in Rings Election in Trees and Rings T-79.4001 Seminar on Theoretical Computer Science Ilari Nieminen 21.02.2007 Ilari Nieminen Election in Trees and Rings Leader Election Election in Trees

655 views • 30 slides
Diffusing Computation Using Spanning Tree Construction for Solving Leader Election Root is

Diffusing Computation Using Spanning Tree Construction for Solving Leader Election Root is

Diffusing Computation Using Spanning Tree Construction for Solving Leader Election Root is the leader In the presence of faults, There may be multiple trees Multiple leaders After recovery There is a unique tree

551 views • 22 slides
T he Asymmetric leader election algorithm: number of survivors near the end of the game Guy

T he Asymmetric leader election algorithm: number of survivors near the end of the game Guy

Introduction Model and Notations Asymptotic analysis of L := number of survivors at position J ( n ) Asymptotics for p T he Asymmetric leader election algorithm: number of survivors near the end of the game Guy Louchard March 14, 2014

1.16k views • 72 slides
The secret deal to destroy paradise The story behind the single biggest threat to the rainforests

The secret deal to destroy paradise The story behind the single biggest threat to the rainforests

The secret deal to destroy paradise The story behind the single biggest threat to the rainforests of Indonesia Presentation to WRI Forest Legality Week, October 2019 The Tanah Merah palm project Primary Forest It is huge Twice size of London

292 views • 12 slides
Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing Constructions Moir Cryptography Issues Secret Sharing Secret Sharing Threshold Secret Sharing (Shamir, Blakely 1979) Motivation

1.32k views • 62 slides
Content Curation: The Secret to becoming a Thought Leader Pawan Deshpande Chris Brogan CEO,

Content Curation: The Secret to becoming a Thought Leader Pawan Deshpande Chris Brogan CEO,

Content Curation: The Secret to becoming a Thought Leader Pawan Deshpande Chris Brogan CEO, HiveFire President, New Marketing Labs www.getcurata.com www.chrisbrogan.com @tweetsfrompawan @chrisbrogan @hivefire Hash Tag: #AMACurata Agenda

908 views • 35 slides
Loosely-stabilizing Leader Election with Polylogarithmic Convergence Time Yuichi Sudo 1 , Fukuhito

Loosely-stabilizing Leader Election with Polylogarithmic Convergence Time Yuichi Sudo 1 , Fukuhito

OPODIS 2018 Loosely-stabilizing Leader Election with Polylogarithmic Convergence Time Yuichi Sudo 1 , Fukuhito Ooshita 2 , Hirotsugu Kakugawa 1 , Toshimitsu Masuzawa 1 , Ajoy K. Datta 3 , Lawrence L. Larmore 3 1. Osaka University, Japan 2.

758 views • 41 slides
VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret

VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret

NEW YORK LONDON SHANGHAI VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret Sport WE ARE MISSION VISION VALUES 8.1% GROWTH BY 2022 3BN DOMESTIC VALUE STATS WE OFFER LINGERIE PANTIES

340 views • 30 slides
Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is

Today. Polynomials. Secret Sharing. A secret! I have a secret! A number from 0 to 10. What is it? Any one of you knows nothing! Any two of you can figure it out! Example Applications: Nuclear launch: need at least 3 out of 5 people to

513 views • 23 slides
Leader Election in Asymmetric Labeled Unidirectional Rings Karine Altisen 1 Ajoy K. Datta 2

Leader Election in Asymmetric Labeled Unidirectional Rings Karine Altisen 1 Ajoy K. Datta 2

Leader Election in Asymmetric Labeled Unidirectional Rings Karine Altisen 1 Ajoy K. Datta 2 Stphane Devismes 1 Anas Durand 1 Lawrence L. Larmore 2 1 Univ. Grenoble Alpes, CNRS, Grenoble INP, VERIMAG, 38000 Grenoble, France 2 University of

913 views • 76 slides
Midterm 2 Review Midterm Topics Leader Election Consensus Formulation Synchronous

Midterm 2 Review Midterm Topics Leader Election Consensus Formulation Synchronous

Midterm 2 Review Midterm Topics Leader Election Consensus Formulation Synchronous consensus Paxos FLP Theorem Bitcoin Raft DHT Midterm Format Timed exam, 79 p.m. Monday Exam released @ 7 p.m.

340 views • 14 slides
Election Security and Integrity What is election security? What is election integrity? Election

Election Security and Integrity What is election security? What is election integrity? Election

Election Security and Integrity What is election security? What is election integrity? Election Security = Physical Security + Cybersecurity Physical Security Security plans Secure storage of voting machines and electronic pollbooks

341 views • 13 slides
Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp.

Secret Sharing See: Shamir, How to Share a Secret , CACM, Vol. 22, No. 11, November 1979, pp. 612613 Eli Biham - May 3, 2005 c 497 Secret Sharing (17) How to Keep a Secret Key Securely Information can be secured by encryption under a

597 views • 23 slides
An Abstraction Technique for Parameterized Model Checking of Leader Election Protocols:

An Abstraction Technique for Parameterized Model Checking of Leader Election Protocols:

An Abstraction Technique for Parameterized Model Checking of Leader Election Protocols: Application to FTSP Ocan Sankur , Jean-Pierre Talpin Irisa, CNRS, Rennes Ocan Sankur Abstractions For Parameterized Model Checking of FTSP 1 / 7

534 views • 25 slides
set to take off at the secret is out! The Secret is out! This years Emmys gift bags will be the

set to take off at the secret is out! The Secret is out! This years Emmys gift bags will be the

set to take off at the secret is out! The Secret is out! This years Emmys gift bags will be the international launchpad of a new Australian owned moisturizer specifically formulated for airline passengers and cabin crew. Aviation

493 views • 3 slides
Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last

Advanced Tools from Modern Cryptography Lecture 3 Secret-Sharing (ctd.) Secret-Sharing Last time (n,t) secret-sharing (n,n) via additive secret-sharing Shamir secret-sharing for general (n,t) Shamir secret-sharing is a linear

611 views • 14 slides
TOP SECRET DEFENCE ESTATE & TOP SECRET INFRASTRUCTURE New Zealand Defence Industry

TOP SECRET DEFENCE ESTATE & TOP SECRET INFRASTRUCTURE New Zealand Defence Industry

TOP SECRET DEFENCE ESTATE & TOP SECRET INFRASTRUCTURE New Zealand Defence Industry Association Members Meeting 9 May 2018, Wellington UNCLASSIFIED 2 Estate Regeneration: Building DEI capability through an Alliance TOP SECRET

715 views • 17 slides
1 What makes something a secret? What is worth keeping secret? Should secrets be

1 What makes something a secret? What is worth keeping secret? Should secrets be

S E W OME N S B USINE SS : CRE T I NOUS R S , A NT OGY , AND T HE NDIGE IGHT HROPOL H INDMARSH I AND B RIDGE C ONT RSY SL ROVE 1 What makes something a secret? What is worth keeping secret? Should secrets be revealed?

260 views • 14 slides

More recommend