Menu

Blog

Archive for the ‘security’ category: Page 76

Dec 17, 2020

Three-party quantum private computation of cardinalities of set intersection and union based on GHZ states

Posted by in categories: computing, encryption, quantum physics, security

Quantum key distribution is one kind of important cryptographic protocols based on quantum mechanics, in which any outside eavesdropper attempting to obtain the secret key shared by two users will be detected. The successful detection comes from Heisenberg’s uncertainty principle: the measurement of a quantum system, which is required to obtain information of that system, will generally disturb it. The disturbances provide two users with the information that there exists an outside eavesdropper, and they can therefore abort the communication. Nowadays, most people need to share some of their private information for certain services such as products recommendation for online shopping and collaborations between two companies depending on their comm interests. Private Set Intersection Cardinality (PSI-CA) and Private Set Union Cardinality (PSU-CA), which are two primitives in cryptography, involve two or more users who intend to obtain the cardinalities of the intersection and the union of their private sets through the minimum information disclosure of their sets1,2,3.

The definition of Private Set Intersection (PSI), also called Private Matching (PM), was proposed by Freedman4. They employed balanced hashing and homomorphic encryption to design two PSI protocols and also investigated some variants of PSI. In 2012, Cristofaro et al.1 developed several PSI-CA and PSU-CA protocols with linear computation and communication complexity based on the Diffie-Hellman key exchange which blinds the private information. Their protocols were the most efficient compared with the previous classical related ones. There are also other classical PSI-CA or PSU-CA protocols5,6,7,8. Nevertheless, the security of these protocols relies on the unproven difficulty assumptions, such as discrete logarithm, factoring, and quadratic residues assumptions, which will be insecure when quantum computers are available9,10,11.

For the sake of improving the security of PSI-CA protocols for two parties, Shi et al.3 designed a probabilistic protocol where multi-qubit entangled states, complicated oracle operators, and measurements in high N-dimensional Hilbert space were utilized. And the same method in Ref.3 was later used to develop a PSI-CA protocol for multiple parties12. For easy implementation of a protocol, Shi et al.13 leveraged Bell states to construct another protocol for PSI-CA and PSU-CA problems that was more practical than that in Ref.3. In both protocols Ref.3 and Ref.13, only two parties who intend to get the cardinalities of the intersection and the union of their private sets are involved. Although Ref.12 works for multiple parties, it only solves the PSI-CA problem and requires multi-qubit entangled states, complicated oracle operators, and measurements. It then interests us that how we could design a more practical protocol for multiple parties to simultaneously solve PSI-CA and PSU-CA problems. Inspired by Shi et al.’s work, we are thus trying to design a three-party protocol to solve PSI-CA and PSU-CA problems, where every two and three parties can obtain the cardinalities of the intersection and the union of their respective private sets with the aid of a semi-honest third party (TP). TP is semi-honest means that he loyally executes the protocol, makes a note of all the intermediate results, and might desire to take other parties’ private information, but he cannot collude with dishonest parties. We then give a detailed analysis of the presented protocol’s security. Besides, the influence of six typical kinds of Markovian noise on our protocol is also analyzed.

Dec 15, 2020

Earable computing: A new research area in the making

Posted by in categories: augmented reality, computing, health, mobile phones, security, wearables

CSL’s Systems and Networking Research Group (SyNRG) is defining a new sub-area of mobile technology that they call “earable computing.” The team believes that earphones will be the next significant milestone in wearable devices, and that new hardware, software, and apps will all run on this platform.

“The leap from today’s earphones to ‘earables’ would mimic the transformation that we had seen from basic phones to smartphones,” said Romit Roy Choudhury, professor in electrical and (ECE). “Today’s smartphones are hardly a calling device anymore, much like how tomorrow’s earables will hardly be a smartphone accessory.”

Instead, the group believes tomorrow’s earphones will continuously sense , run acoustic augmented reality, have Alexa and Siri whisper just-in-time information, track user motion and health, and offer seamless security, among many other capabilities.

Dec 11, 2020

Malwarebytes detects leaked tools from FireEye breach

Posted by in categories: information science, privacy, security

The security company FireEye was breached by a sophisticated attack that stole multiple red team assessment tools. Malwarebytes customers are safe.

Hello folks! If you have not heard yet, the security firm FireEye has had a breach of many red team assessment tools used for identification of vulnerabilities to help protect customers.

While it is not known exactly who was behind this attack, a big concern is the sharing and use of these stolen red team tools by both sophisticated and non-sophisticated actors, similar to what we saw in 2017 with the ShadowBrokers group breach of the NSA’s Equation Group.

Dec 8, 2020

Finally, a Contact Lens That Actually Beams Lasers From Your Eyes

Posted by in categories: biotech/medical, security, wearables

Circa 2018


Scientists have created an ultrathin, flexible film that can emit laser light — and successfully tested it on a contact lens, demonstrating the possibility of laser eye-beams.

Before you rush out and buy a Cyclops-style visor, it’s not even close to powerful enough to cause damage. Instead, the researchers say, the technology has potential for use as wearable security tags, or even as a type of laser barcode.

Continue reading “Finally, a Contact Lens That Actually Beams Lasers From Your Eyes” »

Dec 3, 2020

Hackers try to penetrate the vital ‘cold chain’ for coronavirus vaccines, security team reports

Posted by in categories: biotech/medical, security

IBM security researchers said the “precision targeting of executives and key global organizations hold the potential hallmarks of a nation-state tradecraft.”

Nov 29, 2020

Drone Privacy Laws Around the World: Surfshark Maps it Out

Posted by in categories: business, drones, mapping, security

Drone privacy laws vary all around the world — and what might get you a great shot in one country could get you jail time in another.


Surfshark, a digital security firm, introduces Mapped: The state of drone privacy laws in (nearly) every country.

Drone privacy is serious business – and what gets you a great image in one country could get you a jail term in another. Finding these laws, however, is hit or miss – so this new research from Surfshark is a great place to start for world travelers.

Continue reading “Drone Privacy Laws Around the World: Surfshark Maps it Out” »

Nov 28, 2020

Amazon cloud-computing outage Wednesday triggered by effort to boost system’s capacity

Posted by in categories: computing, security

Amazon acknowledged that the system failure was exacerbated by the co-dependencies its various services have on one another. The company had been trying to add capacity to its Amazon Kinesis service that customers use to process real-time data including video, audio and application logs. To resolve the issue, Amazon needed to restart a piece of its system it described as “many thousands of servers,” a lengthy process that had to be done gradually. But because other Amazon cloud services rely on Kinesis, including its Cognito authentication offering, they failed as well.

Nov 23, 2020

Why You Should Stop Texting From Your Android Messages App

Posted by in categories: encryption, mobile phones, security

If you’re a user of Google’s Messages app on your Android smartphone, then you will now likely have the RCS update intended to bring standard text messaging into the current century. RCS is now available in all major countries except China, Russia and Iran. Building on standard SMS capabilities, this adds chat functionality to compete with WhatsApp and iMessage. But, in truth, it doesn’t compete at all. There’s a glaring issue that doesn’t look like being properly fixed anytime soon. This is now bad enough that you should now go use something else.

The issue, of course, is end-to-end encryption. Six months ago, reports emerged that Google was developing this level of security to upgrade RCS. As of this week, this is now finally available for public beta testing. On the surface, its intent is to deliver Android users with an iMessage alternative. But there is a glaring issue—and it’s a deal breaker. This deployment of end-to-end encryption on RCS is not available for groups—that’s seemingly too complex to handle right now. And there’s also no word yet as to when this limited upgrade might be rolled out.

With that in mind, Android users should opt for a different iMessage-like alternative. Fortunately, there is a simple solution available now. While its standard messenger is not end-to-end encrypted by default, Android offers users the option to select an alternative default messenger that does. Signal is the best secure messenger available. And while its install base is modest in comparison to WhatsApp or iMessage, it’s growing fast.

Nov 23, 2020

Coronavirus Pandemic Stands to Force Changes in U.S. Spy Services

Posted by in categories: biotech/medical, climatology, security, sustainability

After years of underplaying soft threats like disease and climate change, the national-security establishment faces calls for a new approach in light of Covid-19 crisis.

Nov 20, 2020

The Coming NEV War? Implications of China’s Advances in Electric Vehicles

Posted by in categories: biotech/medical, business, economics, education, finance, government, law, mobile phones, policy, robotics/AI, security, space, sustainability

Download the Brief The Issue China’s economy appears to have sprung back to normal. While the overall growth numbers have recovered and China has put forth an ambitious economic agenda for the next five years, optimism has also returned to the new-energy vehicles (NEV) sector, a good metric for the new economy. At the Beijing Auto Show, held in late September, automakers unveiled a dizzying 785 new models, 160 of which were electrified. There is growing speculation that China’s NEV sector is ready to burst onto the global stage and become an export powerhouse. But despite the glitzy new models, incremental progress on several fronts, and initial signs of expanding business abroad, China’s NEV sector still faces substantial roadblocks. Some are the result of continuing economic troubles, while others paradoxically are a result of gradual success. Consequently, the new wave of enthusiasm is a bit premature. The Shiny Exterior China has staked much of its transportation future on the new-energy vehicle sector. Massive state support is meant to drive this industry forward and help the country address three problems: reliance on the West for technology, dependence on oil imports, and air pollution. Yet progress in achieving these goals has been halting, slowed by technical challenges, investment by too many players, and insufficient consumer enthusiasm. This update of CSIS’s work from 2018 and 2019 focuses on the first challenge, industrial competitiveness. The NEV sector has grown rapidly, but it has struggled to maintain forward momentum as a result of uneven technological progress, growing pains within some individual companies, and volatile consumer demand. These issues intensified amid the pandemic, but prospects have brightened since. Sales lagged in 2019 and tanked in the first quarter of 2020, but they started recovering this summer. In July, 2020 sales figures surpassed their 2019 levels for the first time (see Figure 1). NEV sales reached 138,000 in September, and if historic patterns hold, with a big jump in year-end sales, it is entirely feasible that China will break its December 2018 record of 225,000 sales of NEVs. Even as overall auto sales have improved from the anemic levels of the first part of 2020, NEV sales are growing faster, and as a result, their share of the total is steadily rising, up from 2.3 percent in January to 5.4 percent in September (see Figure 2). As in the past, the NEV share should continue to climb toward the end of the year. There also has been a recent spate of positive news about individual domestic producers, many of whom have been struggling. Although American producer Tesla has received the most attention lately, Chinese brands are drawing positive attention. The Wuling Mini EV, a new model produced by a joint venture with General Motors, sold over 20,000 units in September, ahead of the second-place Tesla Model 3 (11,300) and BYD’s Qin EV (8,100). NIO, the flashy upstart listed on the NYSE, delivered 4,700 vehicles in September, a big jump from a year earlier. Another well-known start-up, XPeng, recently produced its 10,000th vehicle. And more traditional producers, such as SAIC Motors, have poured more resources into NEVs and have announced plans for high-end models. Equally important, foreign automakers, who have been hesitant to ramp up production because of fears about market saturation, have started to roll out NEV models. In 2017, China announced the initiation of a “dual-credit” policy that incentivizes car companies producing in China to have a minimum percentage of their fleets be NEVs and to raise vehicle fuel efficiency. Modeled on California’s Zero-Emission Vehicle Program, automakers that do not produce enough NEVs and do not sufficiently raise their average fuel economy levels must buy credits from those with a surplus. China set low voluntary targets in 2018, announced that it would steadily raise the minimum threshold annually, and in 2019 made the system mandatory for all but the smallest producers (those with total production under 30,000 vehicles). The Chinese government has started issuing data on automakers’ performance record with the dual-credit system. Interpreting the data requires caution because the system’s rules are complex, and it is unclear if officials and firms are following the written procedures. Accepting that proviso, the data on production shows a huge difference between local- and foreign-invested automakers (see Figure 3). The former (represented by green dots), perhaps viewing the dual-credit system as a mandate, immediately started expanding NEV capacity, with some going far beyond the minimum threshold. By contrast, global players (the blue dots) initially held back, and almost none of them reached the 2018 baseline. But in 2019, several of the foreign-invested producers, such as GM-SAIC-Wuling and BMW Brilliance, met the minimum production target even as it was raised from the prior year. Anecdotal evidence suggests that the data for 2020 will likely show even more widespread compliance for both domestic and global players. Just as important, the growing ability of more carmakers to meet or exceed the dual-credit system’s production target has not yet resulted in massive overcapacity generally. Although the situation may be more problematic in certain market segments, there usually has not been a huge gap between supply and demand (see Figure 4). Periods of overall surpluses and shortages appear to have been relatively brief. Progress among automakers and the industry more broadly has been built on and reinforced advances among parts makers, battery producers, and in charging infrastructure. China’s auto battery industry is doing even better than the carmakers. As of August 2020, Fujian-based CATL ranks second in production to LG Chem and is poised to take the top spot by the end of the year (see Figure 5). Three Chinese manufacturers made it into the top 10. CATL has become a major supplier to Tesla and has also inked deals to supply batteries to European automakers. China is already a major parts supplier for traditional automakers, and there is talk that Tesla may start sourcing its motors from a Chinese producer. And as of June 2020, China’s charging infrastructure had expanded significantly, with 764,000 charging poles for private residences and 558,000 public charging stations. By contrast, the United States has only has 101,000 charging outlets. Finally, China is making gradual progress in parallel sectors. It is starting to place more attention on hydrogen fuel cells, with various initiatives in basic research and applications for larger vehicles, the current best use case for hydrogen. Toyota, a global leader in hydrogen, recently announced a joint venture deal with five Chinese partners to develop fuel cell technology. Simultaneously, China is making incremental progress with autonomous vehicles. The Baidu-led Apollo project, Pony.ai, and the trucking company TuSimple have all expanded their testing in China and the United States for Level-3 autonomy and rolled out related pilots. Dependence on Subsidies Despite the genuine progress, it is far too early to declare China’s leap into NEVs an unequivocal success. There are still a variety of problems and challenges to overcome. First, the creation and growth of the NEV sector—to this day—has been heavily dependent on Chinese government subsidies. By our calculations, through the end of 2017 central and local authorities had already poured over RMB 393 billion ($58.7 billion) into the sector (see Figure 6). Most support went to reduce the burden of buyers through subsidies and rebates and an exemption from sales taxes, but significant state support also went to R&D, charging infrastructure, and government procurement. Recently, Beijing has lowered outright support for buyers per vehicle (reducing the subsidy and tax rebate rates), but outlays for R&D and government procurement have risen. By CSIS’s estimates, total government funding for the NEV sector was RMB 148.2 billion in 2018 ($7.2 billion) and RMB 134.9 billion ($20.1 billion) in 2019, meaning total outlays over the past decade of RMB 676 billion ($100.9 billion).1 Over a decade after government encouragement began, its support in 2019 still accounted for a whopping 30.7 percent of the total value of NEV sales. And this only includes direct support and not other benefits, such as corporate income tax reductions and cheap land for factories. Not only does current demand for NEVs not reflect market fundamentals, China recently issued an ambitious plan for the sector’s growth that includes continued massive spending on R&D, infrastructure, and government procurement. In short, there is no plan to wean producers and buyers off of subsidies. One consequence of massive state largesse is the continued presence of too many players. There were 112 active NEV producers in 2018, and in 2020 there are even more, 119. Even assuming extremely healthy sales in 2020 of 1.5 million NEVs, that would average out to 12,600 per producer, certainly far short of sustainable economies of scale. Hence, it is no surprise that a large number of NEV makers have run into financial problems, even before the pandemic. There needs to be a major industry consolidation, but it is not clear if the Chinese government has the stomach to let companies go out of business or the ability to coax competitors into merging. Global Tensions The ongoing dependence on subsidies and state directives is also connected to three kinds of major challenges China faces with the global NEV sector. The first is the uneven results of the dual-credit system and the potential additional costs it places on foreign-invested producers, including U.S. automakers operating in China. It appears that Chinese domestic automakers have seen the dual-credit system as a mandated minimum quota, while foreign producers see it as a market-based incentive system with no penalties beyond the need to buy credits to stay in the government’s good graces. With demand uncertain and the high costs of developing electric models and production lines, foreign producers have been more cautious about taking the NEV leap. That said, between 2018 and 2019 they substantially increased their output of NEVs, lowering their overall credit deficit with respect to production (see Figure 7). However, as Figure 7 also shows, when it comes to fuel economy targets, the picture is more worrisome, as the credit balance for foreign makers rose four-fold from 2018 to 2019 (from 621,000 to over 2.5 million credits). As a result, when one translates the dual-credit performance of automakers into potential financial costs using a conservative estimate of each credit being valued at RMB 200 (one interview source estimates their current value at RMB 500), the net deficit for foreign makers in 2019 rose to RMB 619 million ($92.4 million), while domestic producers gained a net windfall of RMB 1.53 billion ($229 million). Several global automakers, including Volkswagon and General Motors, potentially face substantial penalities (Figure 8). Compared to the RMB 135 billion in direct subsidies to the sector or the industry’s total sales, this is a relatively small shift in wealth. In addition, the government may not have required all producers to actually buy or sell credits in 2019 as originally mandated, perhaps in an effort to reduce burdens during the pandemic and reassure foreign producers in the midst of tensions with the United States. However, we should expect that the dual-credit system will eventually be truly operational, and if past patterns hold, foreign automakers could face growing costs. Although significant, the unbalanced results of the dual-credit system pale in comparison to the sector’s other challenges. China’s domestic NEV sector has made genuine progress, but it is incomplete. After over a decade of intense state support and protection, China’s NEV sector may be in the same subordinate status that its traditional automakers have long been relegated to relative to the world leaders. The joint venture strategy, which began in the early Reform era, was meant to promote the transfer of technology and know-how from the global leaders to local firms so that they could eventually graduate to be independent and then challenge their tutors. Despite the best-laid plans, the Chinese partners have continued to depend on their foreign counterparts. Independent domestic private makers have arisen in the last two decades, and although they have made substantial progress, the top-tier of the Chinese market is still dominated by automakers from Europe, North America, Japan, and South Korea. The NEV sector was supposed to be different and break this cycle, with China ramping up rapidly while producers and governments elsewhere dithered. The story is not yet over, but at this stage it appears Chinese firms have not lept ahead of their foreign rivals. China’s domestic NEV sector has developed mainly at the low and middle tiers of the market. The best-selling Wuling Mini EV is a budget subcompact. Several local producers and others with strong local roots (such as NIO) have ventured into the luxury space, but Tesla arrived on the scene before they could become worthy competitors and firmly hold their own. As BMW, Audi, Mercedes, and other luxury brands roll out more NEV models, the room for local Chinese brands in the higher segments of the market, where the higher profits are, may shrink further unless domestic makers achieve greater progress. Although Chinese producers have broken the dominance of global makers in mobile phones—Apple and Samsung have ceded a lot of the mobile phone market to Huawei, Xiaomi, Oppo, and Vivo—hierarchies in the auto sector may be more resilient and harder to upend. The greatest international challenge of all concerns the global prospects for China’s NEV sector, both exports and overseas production. As noted above, China’s leading battery maker, CATL, is already exporting and has opened up production facilities abroad. Chinese firms have also become the largest investors in cobalt mining and processing facilities in the Democratic Republic of Congo, home to a large proportion of the world’s cobalt, a critical element used in many NEV batteries. These investments have raised significant concerns about the availability and price of cobalt as well as the treatment of workers. This is one reason Tesla and others are developing new batteries that do not use cobalt. However, China so far has had much less success with vehicle exports. In 2019, Chinese NEV sales abroad accounted for only 1.7 percent of the world total, far below the industry’s true powerhouses in the United States, Japan, South Korea, and Germany. According to China’s Commerce Ministry, in 2019 Chinese automakers sold almost 254,000 NEVs abroad, with the vast majority going to South Asia, including 57 percent to Bangladesh and another 25 percent to India. Third was the Netherlands, with only 6,300 NEVs (2.5 percent). The only Chinese NEV maker to have substantial success in developed markets has been BYD, which has both exported buses to and manufactured in the United States and Europe. BYD’s prospects, though, are clouded by language in the National Defense Authorization Act (NDAA) for 2020 that could effectively bar local transportation authorities from buying BYD buses beginning in late 2021. China’s NEV and traditional automakers have signaled that they are setting their sights on the European and American markets. Beyond Tesla itself planning to export from China, the first major step involving domestic producers may be for Chinese-foreign joint ventures to begin producing NEVs in sizeable quantities for exports to developing and advanced economies alike. The next step, though, may come when Chinese NEV makers try to follow up with their own brands. Whether from a foreign firm, joint ventures, or purely local firms, as documented above, China-based exports of NEVs will benefit from extensive government support. If such support translates into NEVs being sold at relatively low prices, they inevitably will invite complaints from other countries’ domestic automakers and action from regulators in the form of fair-trade remedies. Implications for the United States The one upside of the ongoing domestic challenges for China’s NEV sector is a likely delay in the outbreak of a possible “NEV war” between an upstart China and the world’s dominant producers. For the immediate future, the contest will still be primarily in the Chinese market, but eventually the field of play could move to showrooms around Europe and North America and, by implication, present a new challenge to domestic automakers and their workers. To the extent these cars come equipped with automous vehicle or driver-assistance capabilities or are otherwise connected to the internet, vehicles from China could also raise national security concerns related to vehicles’ performance and passenger data. One appropriate reaction would be defensive. Trade lawyers and officials within the U.S. Commerce Department’s International Trade Administration could sharpen their pencils in preparation for a bevy of antidumping and countervailing duty cases. And officials elsewhere in Washington will need to develop regulatory protections because of the potential national security risks related to network security, data storage, and data privacy. But an equally if not more important response will be offensive—for U.S. industry, educational and training institutions, consumer groups, and government to collaborate in strengthening the United States’ own NEV industry from top to bottom. This means: fostering design and engineering talent (which includes attracting international students and workers to the United States); conducting R&D for batteries, hydrogen fuel cells, other alternative energy sources, car components, and chasis materials; encouraging transportation manufacturing clusters in multiple regions; investing in private and public charging infrastructure; expanding incentives for producers; offering larger buyer rebates to make NEVs more affordable for everyone; and integrating developments in NEVs with autonomous vehicle technology, other transportation systems, and urban and regional planning. Beyond being proactive at home, the United States’ international strategy likewise should not be purely defensive. The United States needs to be more supportive without violating its international trade commitments and copying any of China’s discriminatory practices. Washington certainly should oppose China’s unfair trade practices and any threats to our national security, but successfully developing NEVs and transportation systems requires greater coordination with other economies and in international institutions on setting technical standards, engaging in R&D, developing trusted supply chains, and protecting data. There is no doubt China is accelerating its efforts in NEVs. If the United States is going to win this competition, it must develop and execute on its own effective playbook. And the sooner it does so, the better. Scott Kennedy is senior adviser and Trustee Chair in Chinese Business and Economics at the Center for Strategic and International Studies. This report is made possible by general support to CSIS. No direct sponsorship contributed to this report. CSIS Briefs are produced by the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s). © 2020 by the Center for Strategic and International Studies. All rights reserved. Related CSIS Publications Blog Post: Scott Kennedy and Mingda Qiu, “China’s Auto Market Slowdown Finally Hits New-Energy Vehicles,” CSIS, June 25, 2019. Blog Post: Jason Li, “Chinese NEV Policies Drive Transition Toward More Advanced Batteries,” CSIS, January 16, 2019. Blog Post: Brian Hart and Mingda Qiu, “Coastal Provinces Are Leading in Public Charging Infrastructure for New-Energy Vehicles in China,” November 2018. Report: Scott Kennedy, China’s Risky Drive into New-Energy Vehicles, CSIS, November 2018). Commentary: Scott Kennedy and Mingda Qiu, “China’s Expensive Gamble on New-Energy Vehicles,” CSIS, November 6, 2018.

Page 76 of 146First7374757677787980Last