Routes for breaching and protecting genetic privacy

We are entering the era of ubiquitous genetic information for research, clinical care, and personal curiosity. Sharing these datasets is vital for rapid progress in understanding the genetic basis of human diseases. However, one growing concern is the ability to protect the genetic privacy of the data originators. Here, we technically map threats to genetic privacy and discuss potential mitigation strategies for privacy-preserving dissemination of genetic data.Comment: Draft for comment

A Distributed Trust Framework for Privacy-Preserving Machine Learning

When training a machine learning model, it is standard procedure for the researcher to have full knowledge of both the data and model. However, this engenders a lack of trust between data owners and data scientists. Data owners are justifiably reluctant to relinquish control of private information to third parties. Privacy-preserving techniques distribute computation in order to ensure that data remains in the control of the owner while learning takes place. However, architectures distributed amongst multiple agents introduce an entirely new set of security and trust complications. These include data poisoning and model theft. This paper outlines a distributed infrastructure which is used to facilitate peer-to-peer trust between distributed agents; collaboratively performing a privacy-preserving workflow. Our outlined prototype sets industry gatekeepers and governance bodies as credential issuers. Before participating in the distributed learning workflow, malicious actors must first negotiate valid credentials. We detail a proof of concept using Hyperledger Aries, Decentralised Identifiers (DIDs) and Verifiable Credentials (VCs) to establish a distributed trust architecture during a privacy-preserving machine learning experiment. Specifically, we utilise secure and authenticated DID communication channels in order to facilitate a federated learning workflow related to mental health care data.Comment: To be published in the proceedings of the 17th International Conference on Trust, Privacy and Security in Digital Business - TrustBus202

Balloon Hashing: A Memory-Hard Function Providing Provable Protection Against Sequential Attacks

We present the Balloon password-hashing algorithm. This is the first practical cryptographic hash function that: (i) has proven memory-hardness properties in the random-oracle model, (ii) uses a password-independent access pattern, and (iii) meets or exceeds the performance of the best heuristically secure password-hashing algorithms. Memory-hard functions require a large amount of working space to evaluate efficiently and when used for password hashing, they dramatically increase the cost of offline dictionary attacks. In this work, we leverage a previously unstudied property of a certain class of graphs (“random sandwich graphs”) to analyze the memory-hardness of the Balloon algorithm. The techniques we develop are general: we also use them to give a proof of security of the scrypt and Argon2i password-hashing functions in the random-oracle model. Our security analysis uses a sequential model of computation, which essentially captures attacks that run on single-core machines. Recent work shows how to use massively parallel special-purpose machines (e.g., with hundreds of cores) to attack Balloon and other memory-hard functions. We discuss these important attacks, which are outside of our adversary model, and propose practical defenses against them. To motivate the need for security proofs in the area of password hashing, we demonstrate and implement a practical attack against Argon2i that successfully evaluates the function with less space than was previously claimed possible. Finally, we use experimental results to compare the performance of the Balloon hashing algorithm to other memory-hard functions

A Fatal Case of Late Stage Lyme Borreliosis and Substance Abuse

A recent study demonstrated a 1,100% (12-fold) increase in substance abuse after acquiring Lyme borreliosis. Lyme borreliosis and substance abuse have never been adequately studied and deserves greater attention. A fatal case of Lyme borreliosis and substance abuse is presented, compared to a database, relevant citations are reviewed, brain tussue is analyzed, and findings are discussed. The patient had a delay in adequate diagnosis and treatment. Further disease progression contributed to him feeling desperate as a result of multiple late stage symptoms. He experimented with multiple substances in an effort for relief. The pathophysiological effects of the infection resulted in an increased number and severity of mulsitystem symptoms, disability, and substance abuse. During acute deterioration of his mental state from phencyclidine withdrawal, NMDA agonism increased, he committed a homicide, two assaults, and suicide. In reviewing other cases, late stage Lyme borreliosis is associated with many symptoms that may contribute to an increased risk of addictive disorders and substance abuse. These symptoms include chronic pain, anxiety, social anxiety, insomnia, anhedonia and fatigue. More effective diagnosis and treatment and attention to substance abuse potential in these patients may help prevent some cases of addictive disorders, substance abuse, and death