    Lower Bounds on the Degree of Block Ciphers

    Only the method to estimate the upper bound of the algebraic degree on block ciphers is known so far, but it is not useful for the designer to guarantee the security. In this paper we provide meaningful lower bounds on the algebraic degree of modern block ciphers

    Vitamin A Deficiency after Gastric Bypass Surgery: An Underreported Postoperative Complication

    Introduction. Few data are available on vitamin A deficiency in the gastric bypass population. Methods. We performed a retrospective chart review of gastric bypass patients (n = 69, 74% female). The relationship between serum vitamin A concentration and markers of protein metabolism at 6 weeks and 1 year post-operative was assessed. Results. The average weight loss at 6 weeks and 1 year following surgery was 20.1 ± 9.1 kg and 44.1 ± 17.1 kg, respectively. At 6 weeks and 1 year after surgery, 35% and 18% of patients were vitamin A deficient (<325 mcg/L). Similarly, 34% and 19% had low pre-albumin levels (<18 mg/dL) at these time intervals. Vitamin A directly correlated with pre-albumin levels at 6 weeks (r = 0.67, P < 0.001) and 1 year (r = 0.67, P < 0.0001). There was no correlation between the roux limb length measurement and pre-albumin or vitamin A serum concentrations at these post-operative follow-ups. Vitamin A levels and markers of liver function testing were also unrelated. Conclusion. Vitamin A deficiency is common after bariatric surgery and is associated with a low serum concentration of pre-albumin. This fat-soluble vitamin should be measured in patients who have undergone gastric bypass surgery, and deficiency should be suspected in those with evidence of protein-calorie malnutrition

    Anomalies and Vector Space Search: Tools for S-Box Analysis

    S-boxes are functions with an input so small that the simplest way to specify them is their lookup table (LUT). How can we quantify the distance between the behavior of a given S-box and that of an S-box picked uniformly at random? To answer this question, we introduce various "anomalies". These real numbers are such that a property with an anomaly equal to $a$ should be found roughly once in a set of $2^a$ random S-boxes. First, we present statistical anomalies based on the distribution of the coefficients in the difference distribution table, the linear approximation table, and, for the first time, the boomerang connectivity table. We then count the number of S-boxes that have block-cipher-like structures to estimate the anomaly associated with those. In order to recover these structures, we show that the most general tool for decomposing S-boxes is an algorithm efficiently listing all the vector spaces of a given dimension contained in a given set, and we present such an algorithm. Combining these approaches, we conclude that all permutations that are actually picked uniformly at random always have essentially the same cryptographic properties and the same lack of structure

    Re-evaluating microglia expression profiles using RiboTag and cell isolation strategies

    Transcriptome profiling is widely used to infer functional states of specific cell types, as well as their responses to stimuli, to define contributions to physiology and pathophysiology. Focusing on microglia, the brain’s macrophages, we report here a side-by-side comparison of classical cell-sorting-based transcriptome sequencing and the ‘RiboTag’ method, which avoids cell retrieval from tissue context and yields translatome sequencing information. Conventional whole-cell microglial transcriptomes were found to be significantly tainted by artifacts introduced by tissue dissociation, cargo contamination and transcripts sequestered from ribosomes. Conversely, our data highlight the added value of RiboTag profiling for assessing the lineage accuracy of Cre recombinase expression in transgenic mice. Collectively, this study indicates method-based biases, reveals observer effects and establishes RiboTag-based translatome profiling as a valuable complement to standard sorting-based profiling strategies

    Smooth Muscle Cell Phenotype Modulation and Contraction on Native and Cross-Linked Polyelectrolyte Multilayers

    Smooth muscle cells convert between a motile, proliferative “synthetic” phenotype and a sessile, “contractile” phenotype. The ability to manipulate the phenotype of aortic smooth muscle cells with thin biocompatible polyelectrolyte multilayers (PEMUs) with common surface chemical characteristics but varying stiffness was investigated. The stiffness of (PAH/PAA) PEMUs was varied by heating to form covalent amide bond cross-links between the layers. Atomic force microscopy (AFM) showed that cross-linked PEMUs were thinner than those that were not cross-linked. AFM nanoindentation demonstrated that the Young’s modulus ranged from 6 MPa for hydrated native PEMUs to more than 8 GPa for maximally cross-linked PEMUs. Rat aortic A7r5 smooth muscle cells cultured on native PEMUs exhibited the morphology and motility of synthetic cells and expression of the synthetic phenotype markers vimentin, tropomyosin 4, and nonmuscle myosin heavy chain IIB (nmMHCIIB). In comparison, cells cultured on maximally cross-linked PEMUs exhibited the phenotype markers calponin, smooth muscle myosin heavy chain (smMHC), myocardin, transgelin, and smooth muscle α-actin (smActin) that are characteristic of the smooth muscle “contractile” phenotype. Consistent with those cells being “contractile”, A7r5 cells grown on cross-linked PEMUs produced contractile force when stimulated with a Ca2+ ionophore

    An Algebraic Formulation of the Division Property: Revisiting Degree Evaluations, Cube Attacks, and Key-Independent Sums

    Since it was proposed in 2015 as a generalization of integral properties, the division property has evolved into a powerful tool for probing the structures of Boolean functions whose algebraic normal forms are not available. We capture the most essential elements for the detection of division properties from a purely algebraic perspective, proposing a technique named monomial prediction, which can be employed to determine the presence or absence of a monomial in any product of the coordinate functions of a vectorial Boolean function $\boldsymbol f$ by counting the number of so-called monomial trails across a sequence of simpler functions whose composition is $\boldsymbol f$. Under the framework of monomial prediction, we formally prove that most algorithms for detecting division properties in the literature raise no false alarms but may miss some. We also establish the equivalence between monomial prediction and the three-subset bit-based division property without unknown subset presented at EUROCRYPT 2020, and show that these two techniques are perfectly accurate. The monomial prediction technique can be regarded as a purification of the definitions of the division properties without resorting to external multisets. This algebraic formulation gives more insight into division properties and inspires new search strategies. With monomial prediction, we obtain the exact algebraic degrees of TRIVIUM up to 834 rounds for the first time. In the context of cube attacks, we are able to explore a larger search space in limited time and recover the exact algebraic normal forms of complex superpolies with the help of a divide-and-conquer strategy. As a result, we identify more cubes with smaller dimensions, leading to improvements of some near-optimal attacks against 840-, 841- and 842-round TRIVIUM

    Improved Key Recovery Attacks on Reduced-Round AES with Practical Data and Memory Complexities

    Determining the security of AES is a central problem in cryptanalysis, but progress in this area has been slow and only a handful of cryptanalytic techniques have led to significant advancements. At Eurocrypt 2017 Grassi et al. presented a novel type of distinguisher for AES-like structures, but so far all the published attacks based on this distinguisher were inferior in complexity to previously known attacks. In this paper we combine the technique of Grassi et al. with several other techniques in a novel way to obtain the best known key recovery attack on 5-round AES in the single-key model, reducing its overall complexity from about $2^{32}$ to less than $2^{22}$. Extending our techniques to 7-round AES, we obtain the best known attacks on AES-192 which use practical amounts of data and memory, breaking the record for such attacks which was set in 2000 by the classical Square attack

    Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems

    The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs depend heavily on the underlying hash function. For this reason several new proposals have recently been developed. These primitives obviously require an in-depth security evaluation, especially since their implementation constraints have led to less standard design approaches. This work compares the security levels offered by two recent families of such primitives, namely GMiMC and HadesMiMC. We exhibit low-complexity distinguishers against the GMiMC and HadesMiMC permutations for most parameters proposed in recently launched public challenges for STARK-friendly hash functions. In the more concrete setting of the sponge construction corresponding to the practical use in the ZK-STARK protocol, we present a practical collision attack on a round-reduced version of GMiMC and a preimage attack on some instances of HadesMiMC. To achieve those results, we adapt and generalize several cryptographic techniques to fields of odd characteristic