There is, I think, something ethereal about i —the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality.

Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

I and i

Here are two books on a topic new to Technometrics: statistical and mathematical demography. The first author of Applied Mathematical Demography wrote the first two editions of this book alone. The second edition was published in 1985. Professor Keyfritz noted in the Preface (p. vii) that at age 90 he had no interest in doing another edition; however, the publisher encouraged him to find a coauthor. The result is an additional focus for the book in the world of biology that makes it much more relevant for the sciences. The book is now part of the publisher’s series on Statistics for Biology and Health. Much of it, of course, focuses on the many aspects of human populations. The new material focuses on mature population models, the particular focus of the new author (see, e.g., Caswell 2000). As one might expect from a book that was originally written in the 1970s, it does not include a lot of information on statistical computing. The new book by Alho and Spencer is focused on putting a better emphasis on statistics in the discipline of demography (Preface, p. vii). It is part of the publisher’s Series in Statistics. The authors are both statisticians, so the focus is on statistics as used for demographic problems. The authors are targeting human applications, so their perspective on science does not extend any further than epidemiology. The book actually strikes a good balance between statistical tools and demographic applications. The authors use the first two chapters to teach statisticians about the concepts of demography. The next four chapters are very similar to the statistics content found in introductory books on survival analysis, such as the recent book by Kleinbaum and Klein (2005), reported by Ziegel (2006). The next three chapters are focused on various aspects of forecasting demographic rates. The book concludes with chapters focusing on three areas of applications: errors in census numbers, financial applications, and small-area estimates.

Univariate Discrete Distributions

Private information retrieval (PIR) schemes allow a user to retrieve the ith bit of an n-bit data string x, replicated in k?2 databases (in the information-theoretic setting) or in k?1 databases (in the computational setting), while keeping the value of i private. The main cost measure for such a scheme is its communication complexity. In this paper we introduce a model of symmetrically-private information retrieval (SPIR), where the privacy of the data, as well as the privacy of the user, is guaranteed. That is, in every invocation of a SPIR protocol, the user learns only a single physical bit of x and no other information about the data. Previously known PIR schemes severely fail to meet this goal. We show how to transform PIR schemes into SPIR schemes (with information-theoretic privacy), paying a constant factor in communication complexity. To this end, we introduce and utilize a new cryptographic primitive, called conditional disclosure of secrets, which we believe may be a useful building block for the design of other cryptographic protocols. In particular, we get a k-database SPIR scheme of complexity O(n1/(2k?1)) for every constant k?2 and an O(logn)-database SPIR scheme of complexity O(log2n·loglogn). All our schemes require only a single round of interaction, and are resilient to any dishonest behavior of the user. These results also yield the first implementation of a distributed version of (n1)-OT (1-out-of-n oblivious transfer) with information-theoretic security and sublinear communication complexity.

Protecting Data Privacy in Private Information Retrieval Schemes.

The Internet of Things (IoT) is penetrating many facets of our daily life with the proliferation of intelligent services and applications empowered by artificial intelligence (AI). Traditionally, AI techniques require centralized data collection and processing that may not be feasible in realistic application scenarios due to the high scalability of modern IoT networks and growing data privacy concerns. Federated Learning (FL) has emerged as a distributed collaborative AI approach that can enable many intelligent IoT applications, by allowing for AI training at distributed IoT devices without the need for data sharing. In this article, we provide a comprehensive survey of the emerging applications of FL in IoT networks, beginning from an introduction to the recent advances in FL and IoT to a discussion of their integration. Particularly, we explore and analyze the potential of FL for enabling a wide range of IoT services, including IoT data sharing, data offloading and caching, attack detection, localization, mobile crowdsensing, and IoT privacy and security. We then provide an extensive survey of the use of FL in various key IoT applications such as smart healthcare, smart transportation, Unmanned Aerial Vehicles (UAVs), smart cities, and smart industry. The important lessons learned from this review of the FL-IoT services and applications are also highlighted. We complete this survey by highlighting the current challenges and possible directions for future research in this booming area.

/pdf/federated-learning-for-internet-of-things-a-comprehensive-3ttswrbjdg.pdf

Federated Learning for Internet of Things: A Comprehensive Survey

This paper provides a comprehensive study of Federated Learning (FL) with an emphasis on enabling software and hardware platforms, protocols, real-life applications and use-cases. FL can be applicable to multiple domains but applying it to different industries has its own set of obstacles. FL is known as collaborative learning, where algorithm(s) get trained across multiple devices or servers with decentralized data samples without having to exchange the actual data. This approach is radically different from other more established techniques such as getting the data samples uploaded to servers or having data in some form of distributed infrastructure. FL on the other hand generates more robust models without sharing data, leading to privacy-preserved solutions with higher security and access privileges to data. This paper starts by providing an overview of FL. Then, it gives an overview of technical details that pertain to FL enabling technologies, protocols, and applications. Compared to other survey papers in the field, our objective is to provide a more thorough summary of the most relevant protocols, platforms, and real-life use-cases of FL to enable data scientists to build better privacy-preserving solutions for industries in critical need of FL. We also provide an overview of key challenges presented in the recent literature and provide a summary of related research work. Moreover, we explore both the challenges and advantages of FL and present detailed service use-cases to illustrate how different architectures and protocols that use FL can fit together to deliver desired results.

/pdf/federated-learning-a-survey-on-enabling-technologies-23luelc16c.pdf

Federated Learning: A Survey on Enabling Technologies, Protocols, and Applications.

Data have always been a major priority for businesses of all sizes. Businesses tend to enhance their ability in contextualizing data and draw new insights from it as the data itself proliferates with the advancement of technologies. Federated learning acts as a special form of privacy-preserving machine learning technique and can contextualize the data. It is a decentralized training approach for privately collecting and training the data provided by mobile devices, which are located at different geographical locations. Furthermore, users can benefit from obtaining a well-trained machine learning model without sending their privacy-sensitive personal data to the cloud. This article focuses on the most significant challenges associated with the preservation of data privacy via federated learning. Valuable attack mechanisms are discussed, and associated solutions are highlighted to the corresponding attack. Several research aspects along with promising future directions and applications via federated learning are additionally discussed.

Preserving Data Privacy via Federated Learning: Challenges and Solutions

Verifiable Searchable Symmetric Encryption, as an important cloud security technique, allows users to retrieve the encrypted data from the cloud through keywords and verify the validity of the returned results. Dynamic update for cloud data is one of the most common and fundamental requirements for data owners in such schemes. To the best of our knowledge, the existing verifiable SSE schemes supporting data dynamic update are all based on asymmetric-key cryptography verification, which involves time-consuming operations. The overhead of verification may become a significant burden due to the sheer amount of cloud data. Therefore, how to achieve keyword search over dynamic encrypted cloud data with efficient verification is a critical unsolved problem. To address this problem, we explore achieving keyword search over dynamic encrypted cloud data with symmetric-key based verification and propose a practical scheme in this paper. In order to support the efficient verification of dynamic data, we design a novel Accumulative Authentication Tag ( AAT ) based on the symmetric-key cryptography to generate an authentication tag for each keyword. Benefiting from the accumulation property of our designed AAT , the authentication tag can be conveniently updated when dynamic operations on cloud data occur. In order to achieve efficient data update, we design a new secure index composed by a search table ST based on the orthogonal list and a verification list VL containing AATs. Owing to the connectivity and the flexibility of ST, the update efficiency can be significantly improved. The security analysis and the performance evaluation results show that the proposed scheme is secure and efficient.

Towards Achieving Keyword Search over Dynamic Encrypted Cloud Data with Symmetric-Key Based Verification

However, most of the existing asymmetric-PAKE protocols either are based on traditional hash functions under random oracles or depend on non-quantum-secure hardness assumptions and remain insecure in the quantum era. To bridge the gap between the asymmetric-PAKE and quantum-safe, in this paper, we resort to smooth projective hash functions (SPHF) and commitment-based password-hashing schemes (PHS) over lattice-based cryptography, and we propose the construction of round-optimal asymmetric PAKE protocol secure against quantum attacks. Our construction eliminates the costly non-interactive zero-knowledge (NIZK) method, bypasses assumptions of the random oracle model, and achieves quantum resistance. We also show that our asymmetric-PAKE protocol can achieve balanced security and robustness under the Bellare-Pointcheval-Rogaway (BPR) model. Finally, we develop a prototype implementation of our instantiation and use it to evaluate its performance in realistic settings.

Quantum-Safe Round-Optimal Password Authentication for Mobile Devices

Password-based authenticated key exchange (PAKE) protocol allows protocol participants to establish a high entropy session key by pre-sharing a low-entropy password. Katz and Vaikuntanathan (ASIACRYPT'09) used a one-round smooth projective hash function (SPHF) over lattices to design a three-round PAKE protocol. Zhang and Yu (AISACRYPT'17) improved Katz-Vaikuntanatha's scheme by proposing a two-round PAKE with NIZK proofs, but how to construct a lattice-based simulation-sound NIZK remains an open research question. Benhamouda et al. followed the framework of Katz and Vaikuntananthan (TCC'11) and proposed a one-round PAKE via trapdoor-SPHF, but their scheme was based on conventional DDH assumption. In other words, how to design a one-round PAKE via an efficient lattice-based SPHF still remains a challenge. In this paper, we attempt to fill this gap by first proposing a new IND-CCA-secure lattice-based SPHF based on the work of Benhamouda et al. (PKC'18), and then using the proposed SPHF to construct a one-round PAKE protocol. We then prove the security of the proposed protocol. We also explore the possibilities of constructing two-round PAKE, three-round PAKE and universal composable security from our SPHF, and show the potential application of our PAKE in the Internet of Things where communication cost is the main consideration.

Achieving One-Round Password-based Authenticated Key Exchange over Lattices

Identity-based proxy re-encryption ( $ \mathsf {IBPRE}$ ) is a powerful cryptographic tool for various applications, such as access control system, secure data sharing, and secure e-mail forwarding. Most of the existing efficient $ \mathsf {IBPRE}$ schemes are based on the Diffie–Hellman assumption, and they only focus on the single-hop construction. Based on the work of Chandran et al. ’s lattice-based proxy re-encryption ( $ \mathsf {PRE}$ ) scheme (PKC’14) and Yamada’s lattice-based identity-based encryption ( $ \mathsf {IBE}$ ) scheme (EUROCRYPT’16), in this paper, we first show the possibility of assembling lattice-based $ \mathsf {IBE}$ into lattice-based $ \mathsf {PRE}$ . Then, we present the construction of a new efficient single-hop homomorphic $ \mathsf {IBPRE}$ from learning with errors ( $ \mathsf {LWE}\text{s}$ ) via key homomorphic computation. Furthermore, using branching program ( $ \mathsf {BP}$ ), we obtain an efficient multi-hop $ \mathsf {IBPRE}$ scheme. To the best of our knowledge, our scheme is the first multi-hop homomorphic $ \mathsf {IBPRE}$ scheme via $ \mathsf {BP}$ . Our scheme supports homomorphic evaluation and is proved secure under the decisional $ \mathsf {LWE}$ assumption.

Zengpeng Li

Papers

Preserving Data Privacy via Federated Learning: Challenges and Solutions

Towards Achieving Keyword Search over Dynamic Encrypted Cloud Data with Symmetric-Key Based Verification

Quantum-Safe Round-Optimal Password Authentication for Mobile Devices

Achieving One-Round Password-based Authenticated Key Exchange over Lattices

Towards Multi-Hop Homomorphic Identity-Based Proxy Re-Encryption via Branching Program