Using biomarkers to predict TB treatment duration (Predict TB): a prospective, randomized, noninferiority, treatment shortening clinical trial

Background : By the early 1980s, tuberculosis treatment was shortened from 24 to 6 months, maintaining relapse rates of 1-2%. Subsequent trials attempting shorter durations have failed, with 4-month arms consistently having relapse rates of 15-20%. One trial shortened treatment only among those without baseline cavity on chest x-ray and whose month 2 sputum culture converted to negative. The 4-month arm relapse rate decreased to 7% but was still significantly worse than the 6-month arm (1.6%, P<0.01).  We hypothesize that PET/CT characteristics at baseline, PET/CT changes at one month, and markers of residual bacterial load will identify patients with tuberculosis who can be cured with 4 months (16 weeks) of standard treatment.Methods: This is a prospective, multicenter, randomized, phase 2b, noninferiority clinical trial of pulmonary tuberculosis participants. Those eligible start standard of care treatment. PET/CT scans are done at weeks 0, 4, and 16 or 24. Participants who do not meet early treatment completion criteria (baseline radiologic severity, radiologic response at one month, and GeneXpert-detectable bacilli at four months) are placed in Arm A (24 weeks of standard therapy). Those who meet the early treatment completion criteria are randomized at week 16 to continue treatment to week 24 (Arm B) or complete treatment at week 16 (Arm C). The primary endpoint compares the treatment success rate at 18 months between Arms B and C.Discussion: Multiple biomarkers have been assessed to predict TB treatment outcomes. This study uses PET/CT scans and GeneXpert (Xpert) cycle threshold to risk stratify participants. PET/CT scans are not applicable to global public health but could be used in clinical trials to stratify participants and possibly become a surrogate endpoint. If the Predict TB trial is successful, other immunological biomarkers or transcriptional signatures that correlate with treatment outcome may be identified. TRIAL REGISTRATION: NCT02821832

A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

The semiconductor industry is fully globalized and integrated circuits (ICs) are commonly defined, designed and fabricated in different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few byzantine components, this is not the case for cryptographic hardware, storing and computing on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far all attempts have been either quickly circumvented, or come with unrealistically high manufacturing costs and complexity. This paper proposes Myst, a practical high-assurance architecture, that uses commercial off-the-shelf (COTS) hardware, and provides strong security guarantees, even in the presence of multiple malicious or faulty components. The key idea is to combine protective-redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure crypto-coprocessors, verified to FIPS140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both Decryption and Signing) and an exponential increase in backdoor-tolerance as more ICs are added

A MAC Mode for Lightweight Block Ciphers

status: accepte

Time Protection: the Missing OS Abstraction

Timing channels enable data leakage that threatens the security of computer systems, from cloud platforms to smartphones and browsers executing untrusted third-party code. Preventing unauthorised information flow is a core duty of the operating system, however, present OSes are unable to prevent timing channels. We argue that OSes must provide time protection in addition to the established memory protection. We examine the requirements of time protection, present a design and its implementation in the seL4 microkernel, and evaluate its efficacy as well as performance overhead on Arm and x86 processors