
    On the Complexity of Computing Two Nonlinearity Measures

    We study the computational complexity of two Boolean nonlinearity measures: the nonlinearity and the multiplicative complexity. We show that if one-way functions exist, no algorithm can compute the multiplicative complexity in time $2^{O(n)}$ given the truth table of length $2^n$; in fact, under the same assumption it is impossible to approximate the multiplicative complexity within a factor of $(2-\epsilon)^{n/2}$. When given a circuit, the problem of determining the multiplicative complexity is in the second level of the polynomial hierarchy. For nonlinearity, we show that it is #P-hard to compute given a function represented by a circuit.
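As an added illustration of the first of these measures (example code written for this listing, not code from the paper), the following Python computes the nonlinearity of a Boolean function from its truth table with the fast Walsh-Hadamard transform, and cross-checks the result against the definition (minimum Hamming distance to an affine function) by brute force. The sample functions at the end are constructed here; multiplicative complexity is not computed, since the abstract's point is precisely that no efficient algorithm for it is expected to exist.

```python
"""Nonlinearity of a Boolean function from its truth table (added example).

Added illustration of the nonlinearity measure; not code from the paper.
nl(f) is the Hamming distance from f to the nearest affine function. The fast
Walsh-Hadamard transform gives it in O(n * 2^n) from a truth table of length
2^n; a brute-force search over all 2^(n+1) affine functions confirms the
definition on small n.
"""

def bit(x, i):
    """Bit i of the integer-encoded input x, i.e. variable x_i."""
    return (x >> i) & 1

def parity(x):
    return bin(x).count("1") & 1

def truth_table(f, n):
    """Evaluate f on all n-bit inputs; input x is an int, bit i is variable x_i."""
    return [f(x) & 1 for x in range(1 << n)]

def walsh_hadamard(tt):
    """Walsh spectrum W_f(a) = sum_x (-1)^(f(x) xor a.x) for every a, computed
    with the in-place butterfly (fast WHT) on the +/-1 encoding of f."""
    w = [1 - 2 * b for b in tt]
    h = 1
    while h < len(w):
        for i in range(0, len(w), 2 * h):
            for j in range(i, i + h):
                u, v = w[j], w[j + h]
                w[j], w[j + h] = u + v, u - v
        h *= 2
    return w

def nonlinearity(tt):
    """nl(f) = 2^(n-1) - max_a |W_f(a)| / 2."""
    n = len(tt).bit_length() - 1
    assert 1 << n == len(tt), "truth table length must be a power of two"
    return (1 << (n - 1)) - max(abs(x) for x in walsh_hadamard(tt)) // 2

def nonlinearity_bruteforce(tt):
    """Same quantity by its definition: min distance to a.x xor c over all a, c."""
    n = len(tt).bit_length() - 1
    best = len(tt)
    for a in range(1 << n):
        for c in (0, 1):
            d = sum(tt[x] != (parity(a & x) ^ c) for x in range(1 << n))
            best = min(best, d)
    return best

# Constructed sample functions: a bent function on 4 variables (maximal
# nonlinearity 2^(n-1) - 2^(n/2-1) = 6), an affine function (nonlinearity 0)
# and the 3-variable majority function (nonlinearity 2).
BENT_4 = truth_table(lambda x: (bit(x, 0) & bit(x, 1)) ^ (bit(x, 2) & bit(x, 3)), 4)
AFFINE_4 = truth_table(lambda x: bit(x, 0) ^ bit(x, 2) ^ 1, 4)
MAJ_3 = truth_table(lambda x: 1 if bin(x).count("1") >= 2 else 0, 3)

if __name__ == "__main__":
    for name, tt in (("bent_4", BENT_4), ("affine_4", AFFINE_4), ("maj_3", MAJ_3)):
        print(f"{name}: nl = {nonlinearity(tt)} (brute force {nonlinearity_bruteforce(tt)})")
```

The Walsh-based routine is the one to use for cipher components such as S-boxes (each output bit, and each linear combination of output bits, is a Boolean function whose truth table is 2^n entries long); the brute-force routine is only there to make the definition concrete.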

    Online Multi-Coloring with Advice

    We consider the problem of online graph multi-coloring with advice. Multi-coloring is often used to model frequency allocation in cellular networks. We give several nearly tight upper and lower bounds for the most standard topologies of cellular networks, paths and hexagonal graphs. For the path, negative results trivially carry over to bipartite graphs, and our positive results are also valid for bipartite graphs. The advice given represents information that is likely to be available, obtained for instance by studying the data from earlier similar periods of time.

    Implementing Grover Oracles for Quantum Key Search on AES and LowMC

    Grover's search algorithm gives a quantum attack against block ciphers by searching for a key that matches a small number of plaintext-ciphertext pairs. This attack uses $O(\sqrt{N})$ calls to the cipher to search a key space of size $N$. Previous work in the specific case of AES derived the full gate cost by analyzing quantum circuits for the cipher, but focused on minimizing the number of qubits. In contrast, we study the cost of quantum key search attacks under a depth restriction and introduce techniques that reduce the oracle depth, even if it requires more qubits. As cases in point, we design quantum circuits for the block ciphers AES and LowMC. Our circuits give a lower overall attack cost in both the gate count and depth-times-width cost models. In NIST's post-quantum cryptography standardization process, security categories are defined based on the concrete cost of quantum key search against AES. We present new, lower cost estimates for each category, so our work has immediate implications for the security assessment of post-quantum cryptography. As part of this work, we release Q# implementations of the full Grover oracle for AES-128, -192, -256 and for the three LowMC instantiations used in Picnic, including unit tests and code to reproduce our quantum resource estimates. To the best of our knowledge, these are the first two such full implementations and automatic resource estimations.
    Comment: 36 pages, 8 figures, 14 table
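To make the key-search oracle and the $O(\sqrt{N})$ iteration count concrete, here is an added classical simulation (example code for this listing, not the paper's Q# implementation) of Grover's algorithm against a constructed 6-bit toy cipher: the oracle marks exactly the keys that map the known plaintexts to their ciphertexts, and amplitude amplification is run on an explicit state vector of the 64 key candidates. The cipher, key and plaintext values are all assumptions made for the example.

```python
"""Classical simulation of Grover key search against a constructed toy cipher.

Added example; it is not the paper's Q# code. The "cipher" is a 6-bit toy
(key XOR, then a fixed bijection on the block) with no cryptographic value; it
only gives the oracle a key-dependent predicate. The 2^6 = 64 amplitudes are
stored explicitly, so this runs on any machine but needs O(N) memory, unlike
the quantum circuit it models.
"""
import math

N_BITS = 6
N = 1 << N_BITS
MASK = N - 1

def rotl6(x, r):
    return ((x << r) | (x >> (N_BITS - r))) & MASK

def toy_encrypt(key, pt):
    """Constructed toy cipher: XOR the key, apply an affine map mod 64, rotate.
    For a fixed plaintext this is a bijection in the key, so one pair pins the key."""
    return rotl6((37 * (pt ^ key) + 11) & MASK, 2)

def key_oracle(pairs):
    """Oracle predicate: key k is marked iff it maps every known plaintext to
    its ciphertext. A quantum oracle evaluates this in superposition over k."""
    return lambda k: all(toy_encrypt(k, p) == c for p, c in pairs)

def grover_iterations(n, m):
    """Near-optimal iteration count floor(pi/4 * sqrt(N/M)); one oracle call each."""
    return int(math.floor(math.pi / 4 * math.sqrt(n / m)))

def grover_search(is_marked, n_bits=N_BITS):
    """Amplitude amplification on a simulated state vector.
    Returns (probability of measuring a marked key, oracle calls, marked count).
    The marked set is precomputed classically only to apply the phase flip;
    the quantum oracle would evaluate the cipher on every key at once."""
    n = 1 << n_bits
    marked = [k for k in range(n) if is_marked(k)]
    m = len(marked)
    if m == 0:
        return 0.0, 0, 0
    iters = grover_iterations(n, m)
    amp = [1.0 / math.sqrt(n)] * n           # uniform superposition over keys
    for _ in range(iters):
        for k in marked:                      # oracle: phase flip on marked keys
            amp[k] = -amp[k]
        mean = sum(amp) / n                   # diffusion: inversion about the mean
        amp = [2 * mean - a for a in amp]
    return sum(amp[k] ** 2 for k in marked), iters, m

def expected_success(n, m, iters):
    """Closed form sin^2((2r+1)*theta) with sin(theta) = sqrt(M/N)."""
    theta = math.asin(math.sqrt(m / n))
    return math.sin((2 * iters + 1) * theta) ** 2

if __name__ == "__main__":
    secret_key = 0b101101                                      # assumed secret
    pairs = [(0b000011, toy_encrypt(secret_key, 0b000011))]   # one known pair
    prob, calls, m = grover_search(key_oracle(pairs))
    print(f"{m} candidate key(s); {calls} oracle calls for N={N}; P(success)={prob:.4f}")
```

With N = 64 and a single matching key, 6 oracle calls already give a success probability above 0.99, against the 32 calls an exhaustive classical search needs on average; the depth and width of those 6 oracle evaluations are exactly the quantities the paper's cost models charge for.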

    Spectral Karyotyping for identification of constitutional chromosomal abnormalities at a national reference laboratory

    Spectral karyotyping is a diagnostic tool that allows visualization of chromosomes in different colors using the FISH technology and a spectral imaging system. To assess the value of spectral karyotyping analysis for identifying constitutional supernumerary marker chromosomes or derivative chromosomes at a national reference laboratory, we reviewed the results of 179 consecutive clinical samples (31 prenatal and 148 postnatal) submitted for spectral karyotyping. Over 90% of the cases were requested to identify either small supernumerary marker chromosomes (sSMCs) or chromosomal exchange material detected by G-banded chromosome analysis. We also reviewed clinical indications of those cases with marker chromosomes in which chromosomal origin was identified by spectral karyotyping. Our results showed that spectral karyotyping identified the chromosomal origin of marker chromosomes or the source of derivative chromosomal material in 158 (88%) of the 179 clinical cases; the identification rate was slightly higher for postnatal (89%) compared to prenatal (84%) cases. Cases in which the origin could not be identified had either a small marker chromosome present at a very low level of mosaicism (< 10%), or contained very little euchromatic material. Supplemental FISH analysis confirmed the spectral karyotyping results in all 158 cases. Clinical indications for prenatal cases were mainly for marker identification after amniocentesis. For postnatal cases, the primary indications were developmental delay and multiple congenital anomalies (MCA). The most frequently encountered markers were of chromosome 15 origin for satellited chromosomes, and chromosomes 2 and 16 for non-satellited chromosomes. We were able to obtain pertinent clinical information for 47% (41/88) of cases with an identified abnormal chromosome. We conclude that spectral karyotyping is sufficiently reliable for use and provides a valuable diagnostic tool for establishing the origin of supernumerary marker chromosomes or derivative chromosomal material that cannot be identified with standard cytogenetic techniques.

    Reducing the Multiplicative Complexity in Logic Networks for Cryptography and Security Applications

    Reducing the number of AND gates plays a central role in many cryptography and security applications. We propose a logic synthesis algorithm and tool to minimize the number of AND gates in a logic network composed of AND, XOR, and inverter gates. Our approach is fully automatic and exploits cut enumeration algorithms to explore optimization potential in local subcircuits. The experimental results show that our approach can reduce the number of AND gates by 34% on average compared to generic size optimization algorithms. Further, we are able to reduce the number of AND gates by up to 76% on the best-known benchmarks from the cryptography community.

    LNCS

    We extend a commitment scheme based on the learning with errors over rings (RLWE) problem, and present efficient companion zero-knowledge proofs of knowledge. Our scheme maps elements from the ring (or equivalently, n elements fro

    The Security of the FDH Variant of Chaum’s Undeniable Signature Scheme

    In this paper, a new kind of adversarial goal for undeniable signature schemes, called forge-and-impersonate, is introduced. Note that forgeability does not necessarily imply impersonation ability. The security of the full-domain hash (FDH) variant of Chaum's undeniable signature scheme is then classified along three dimensions: the goal of the adversary, the attack model, and the zero-knowledge (ZK) level of the confirmation and disavowal protocols. Each resulting security notion is related to a well-known computational problem. In particular, the security of the FDH variant of Chaum's scheme with non-interactive zero-knowledge (NIZK) confirmation and disavowal protocols is proven to be equivalent to the computational Diffie-Hellman (CDH) problem, as opposed to the gap Diffie-Hellman (GDH) problem as claimed by Okamoto and Pointcheval.
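The scheme under discussion is short enough to show end to end. The following added Python example (written for this listing; it is not the paper's construction, proof or code) implements the FDH variant of Chaum's undeniable signature, $s = H(m)^x$ with public key $y = g^x$, together with a non-interactive Chaum-Pedersen confirmation proof made non-interactive with the Fiat-Shamir transform, which is one standard way to obtain an NIZK confirmation protocol. The disavowal protocol is not included. The group parameters (p = 2039, q = 1019, g = 4), keys, nonce and messages are toy assumptions chosen so that every value is readable; they give no security.

```python
"""Toy FDH variant of Chaum's undeniable signature with a Fiat-Shamir
(non-interactive) Chaum-Pedersen confirmation proof.

Added example; not the paper's construction, proof or code. The group
(p = 2039 = 2q + 1, q = 1019, g = 4 of order q) is a constructed toy so every
value is readable; it offers no security. Only confirmation is shown; the
disavowal protocol (a proof of inequality of discrete logs) is not.
"""
import hashlib

P, Q, G = 2039, 1019, 4  # p = 2q + 1, g generates the subgroup of order q

def fdh(msg):
    """Full-domain hash into the order-q subgroup: hash, reduce mod p, square."""
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big") % P
    h = pow(z, 2, P)
    return h if h > 1 else G   # avoid the degenerate elements 0 and 1

def keygen(x):
    """Private key x in [1, q-1], public key y = g^x (x is an assumed input here)."""
    x %= Q
    return x, pow(G, x, P)

def sign(x, msg):
    """Undeniable signature s = H(m)^x. Nobody can check it without the signer:
    deciding whether (g, y, H(m), s) is a DH tuple is the verifier's problem."""
    return pow(fdh(msg), x, P)

def challenge(y, h, s, t1, t2):
    """Fiat-Shamir challenge bound to the statement and the commitments."""
    data = ",".join(str(v) for v in (G, y, h, s, t1, t2)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def confirm(x, y, msg, s, k):
    """Signer proves log_g(y) = log_h(s), i.e. that s is its signature on msg.
    k is the prover's nonce; it must be fresh and random in a real deployment."""
    h = fdh(msg)
    k %= Q
    t1, t2 = pow(G, k, P), pow(h, k, P)
    c = challenge(y, h, s, t1, t2)
    return c, (k + c * x) % Q

def verify_confirmation(y, msg, s, proof):
    """Anyone can check the NIZK transcript: recompute t1, t2 from (c, z) and
    confirm the challenge matches."""
    h = fdh(msg)
    c, z = proof
    neg_c = (Q - c) % Q            # y^(-c) = y^(q-c) because y has order q
    t1 = pow(G, z, P) * pow(y, neg_c, P) % P
    t2 = pow(h, z, P) * pow(s, neg_c, P) % P
    return challenge(y, h, s, t1, t2) == c

if __name__ == "__main__":
    x, y = keygen(123)
    msg = b"transfer 100"
    s = sign(x, msg)
    proof = confirm(x, y, msg, s, k=77)
    print("signature", s, "confirmed:", verify_confirmation(y, msg, s, proof))
```

The point of the abstract's classification shows up in the two halves of the code: `sign` alone gives the verifier nothing to check (that is what makes the signature undeniable), while `confirm` is where the ZK level of the protocol, and therefore which Diffie-Hellman assumption the proof reduces to, is decided.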

    Tight Private Circuits: Achieving Probing Security with the Least Refreshing

    Masking is a common countermeasure to secure implementations against side-channel attacks. In 2003, Ishai, Sahai, and Wagner introduced a formal security model, the t-probing model, which is now widely used to reason about the security of masked implementations. While many works have provided security proofs within this model for small masked components, called gadgets, until recently no formal method allowed gadgets to be composed securely with a tight number of shares (namely t + 1). In 2016, Barthe et al. filled this gap with maskComp, a tool that checks the security of masking schemes composed of several gadgets. This tool can achieve provable security with a tight number of shares by inserting mask-refreshing gadgets at carefully selected locations. However, the method is not tight in the sense that there exist compositions of gadgets for which it can neither exhibit a flaw nor prove security. As a result, it is over-conservative and may insert more refresh gadgets than are actually needed to ensure t-probing security. In this paper, we exhibit the first tool, referred to as tightPROVE, able to state definitively whether a shared circuit composed of standard gadgets (addition, multiplication, and refresh) is t-probing secure or not. Given such a composition, our tool either produces a probing-security proof (valid at any order) or exhibits a security flaw that directly implies a probing attack at a given order. Compared to maskComp, tightPROVE can drastically reduce the number of refresh gadgets required to obtain a probing-security proof, and thus the randomness requirement of some secure shared circuits. We apply our method to a recent bitsliced AES implementation secured with higher-order masking and show that we can save all the refresh gadgets involved in the S-box layer, which results in a significant performance gain.
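The composition problem the abstract describes can be seen on the smallest instance, t = 1 with two shares. The added Python below (example code for this listing, not tightPROVE, maskComp or any code from the paper) implements the ISW multiplication gadget and a refresh gadget over GF(2), then checks 1-probing security exhaustively: it enumerates every secret, every sharing and every random tape, records each intermediate wire, and reports wires whose distribution depends on the secret. The three circuits it checks are assumptions made for the example: the multiplication gadget on independent inputs, the same gadget fed the same sharing on both inputs (x times x, no refresh), and that composition with a refresh inserted.

```python
"""Exhaustive 1-probing check of two-share masked gadgets over GF(2).

Added illustration of the t-probing model at t = 1 (t + 1 = 2 shares); it is
not tightPROVE, maskComp or any code from the paper. Every gadget returns the
value of each intermediate wire it computes. A circuit is 1-probing secure if
no single wire has a distribution (over the sharing and the gadget's fresh
randomness) that depends on the unshared secret inputs.
"""
from itertools import product

def isw_and(a, b, r):
    """ISW multiplication of 2-share inputs a = (a0, a1), b = (b0, b1) with one
    fresh random bit r. Returns the output sharing and every intermediate wire."""
    a0, a1 = a
    b0, b1 = b
    w = {"a0b0": a0 & b0, "a1b1": a1 & b1, "a0b1": a0 & b1, "a1b0": a1 & b0, "r": r}
    w["c0"] = w["a0b0"] ^ r
    w["t1"] = r ^ w["a0b1"]
    w["t2"] = w["t1"] ^ w["a1b0"]
    w["c1"] = w["a1b1"] ^ w["t2"]
    return (w["c0"], w["c1"]), w

def refresh(a, s):
    """Mask refresh with one fresh bit s: re-randomises the sharing of a."""
    a0, a1 = a
    w = {"s": s, "a0^s": a0 ^ s, "a1^s": a1 ^ s}
    return (w["a0^s"], w["a1^s"]), w

# Three shared circuits (constructed for the example). Each takes a list of
# input sharings and a tuple of fresh random bits and returns
# (output sharing, {wire name: value}).
def and_gadget(shares, rnd):
    return isw_and(shares[0], shares[1], rnd[0])

def square_unrefreshed(shares, rnd):
    # x * x with the same sharing on both multiplier inputs: a secure gadget
    # composed with itself, no refresh in between.
    return isw_and(shares[0], shares[0], rnd[0])

def square_refreshed(shares, rnd):
    x2, w_ref = refresh(shares[0], rnd[1])
    out, w_mul = isw_and(shares[0], x2, rnd[0])
    return out, {**{"ref." + k: v for k, v in w_ref.items()}, **w_mul}

def leaking_wires(circuit, n_secrets, n_rand):
    """Enumerate every secret, every sharing and every random tape, and report
    the wires whose count of 1-outcomes differs between secret assignments,
    i.e. wires a single probe could use to distinguish the secrets."""
    ones = {}   # wire -> {secret tuple -> number of samples where wire == 1}
    for secrets in product((0, 1), repeat=n_secrets):
        for masks in product((0, 1), repeat=n_secrets):
            for rnd in product((0, 1), repeat=n_rand):
                shares = [(m, s ^ m) for s, m in zip(secrets, masks)]
                _, wires = circuit(shares, rnd)
                for name, v in wires.items():
                    ones.setdefault(name, {}).setdefault(secrets, 0)
                    ones[name][secrets] += v
    return sorted(n for n, by_secret in ones.items() if len(set(by_secret.values())) > 1)

if __name__ == "__main__":
    print("ISW AND, independent inputs:", leaking_wires(and_gadget, 2, 1) or "secure")
    print("x*x without refresh:", leaking_wires(square_unrefreshed, 1, 1) or "secure")
    print("x*x with refresh:", leaking_wires(square_refreshed, 1, 2) or "secure")
```

The unrefreshed composition leaks on the cross-product wires: with both inputs sharing the same mask, `a0b1` equals `x0 & (x0 ^ x)`, which is identically zero when x = 1 and uniform when x = 0, so one probe recovers x. Refreshing one input restores security, and no refresh is needed on the first circuit at all, which is the sort of distinction a tight tool must draw rather than inserting a refresh at every multiplication input.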

    Quality of life assessment as a predictor of survival in non-small cell lung cancer

    Background: There are conflicting and inconsistent results in the literature on the prognostic role of quality of life (QoL) in cancer. We investigated whether QoL at admission could predict survival in lung cancer patients.
    Methods: The study population consisted of 1194 non-small cell lung cancer patients treated at our institution between Jan 2001 and Dec 2008. QoL was evaluated using EORTC-QLQ-C30 prior to initiation of treatment. Patient survival was defined as the time interval between the date of first patient visit and the date of death from any cause/date of last contact. Univariate and multivariate Cox regression evaluated the prognostic significance of QoL.
    Results: Mean age at presentation was 58.3 years. There were 605 newly diagnosed and 589 previously treated patients; 601 males and 593 females. Stage of disease at diagnosis was I, 100; II, 63; III, 348; IV, 656; and 27 indeterminate. Upon multivariate analyses, global QoL as well as physical function predicted patient survival in the entire study population. Every 10-point increase in physical function was associated with a 10% increase in survival (95% CI = 6% to 14%, p < 0.001). Similarly, every 10-point increase in global QoL was associated with a 9% increase in survival (95% CI = 6% to 11%, p < 0.001). Furthermore, physical function, nausea/vomiting, insomnia, and diarrhea (p < 0.05 for all) in newly diagnosed patients, but only physical function (p < 0.001) in previously treated patients were predictive of survival.
    Conclusions: Baseline global QoL and physical function provide useful prognostic information in non-small cell lung cancer patients.

    Cytogenetic abnormalities and fragile-x syndrome in Autism Spectrum Disorder

    BACKGROUND: Autism is a behavioral disorder with impaired social interaction, communication, and repetitive and stereotypic behaviors. About 5–10% of individuals with autism have 'secondary' autism in which an environmental agent, chromosome abnormality, or single gene disorder can be identified. Ninety percent have idiopathic autism and a major gene has not yet been identified. We have assessed the incidence of chromosome abnormalities and Fragile X syndrome in a population of autistic patients referred to our laboratory. METHODS: Data were analyzed from 433 patients with autistic traits tested using chromosome analysis and/or fluorescence in situ hybridization (FISH) and/or molecular testing for fragile X syndrome by Southern and PCR methods. RESULTS: The median age was 4 years. Sex ratio was 4.5 males to 1 female [354:79]. A chromosome (cs) abnormality was found in 14/421 [3.33%] cases. The aberrations were: 4/14 [28%] supernumerary markers; 4/14 [28%] deletions; 1/14 [7%] duplication; 3/14 [21%] inversions; 2/14 [14%] translocations. FISH was performed on 23 cases for reasons other than to characterize a previously identified cytogenetic abnormality. All 23 cases were negative. Fragile-X testing by Southern blots and PCR analysis found 7/316 [2.2%] with an abnormal result. The mutations detected were: a full mutation (fM) and abnormal methylation in 3 [43%], mosaic mutations with partial methylation of variable clinical significance in 3 [43%] and a premutation carrier [14%]. The frequency of chromosome and fragile-X abnormalities appears to be within the range in reported surveys (cs 4.8–1.7%, FRAX 2–4%). Limitations of our retrospective study include paucity of behavioral diagnostic information, and a specific clinical criterion for testing. CONCLUSIONS: Twenty-eight percent of chromosome abnormalities detected in our study were subtle; therefore a high resolution cytogenetic study with scrutiny of the 15q11.2q13, 2q37 and Xp23.3 regions should be standard practice when the indication is autism. The higher incidence of mosaic fragile-X mutations with partial methylation compared to the FRAXA positive population [50% vs 15–40%] suggests that faint bands and variations in the Southern band pattern may occur in autistic patients.