Cube Testers and Key Recovery Attacks On Reduced-Round MD6 and Trivium

CRYPTO 2008 saw the introduction of the hash function MD6 and of cube attacks, a type of algebraic attack applicable to cryptographic functions having a low-degree algebraic normal form over GF(2). This paper applies cube attacks to reduced round MD6, finding the full 128-bit key of a 14-round MD6 with complexity 2^22 (which takes less than a minute on a single PC). This is the best key recovery attack announced so far for MD6. We then introduce a new class of attacks called cube testers, based on efficient property-testing algorithms, and apply them to MD6 and to the stream cipher Trivium. Unlike the standard cube attacks, cube testers detect nonrandom behavior rather than performing key extraction, but they can also attack cryptographic schemes described by nonrandom polynomials of relatively high degree. Applied to MD6, cube testers detect nonrandomness over 18 rounds in 2^17 complexity; applied to a slightly modified version of the MD6 compression function, they can distinguish 66 rounds from random in 2^24 complexity. Cube testers give distinguishers on Trivium reduced to 790 rounds from random with 2^30 complexity and detect nonrandomness over 885 rounds in 2^27, improving on the original 767-round cube attack

Selecting ecosystem indicators for fisheries targeting highly migratory species: An EU project to advance the operationalization of the EAFM in ICCAT and IOTC

Several international legal agreements and guidelines have set the minimum standards and key principles to guide the implementation of an ecosystem approach to fisheries management (EAFM). However, the implementation of an EAFM in tuna Regional Fisheries Management Organizations (RFMOs) has been patchy and lack a long-term plan, vision and guidance on how to operationalize it. The Specific Contract N0 2 “selecting ecosystem indicators for fisheries targeting highly migratory species-” (SC02 project) under the Framework Contract - EASME/ EMFF/2016/008 provisions of Scientific Advice for Fisheries Beyond EU Waters- addresses several scientific challenges and provides insights to support the implementation of an EAFM through collaboration and consultation with the International Commission for the Conservation of Atlantic Tunas (ICCAT) and the Indian Ocean Tuna Commission (IOTC). Specifically, this project first highlights properties of success and best practices from other regions of the world in operationalizing the ecosystem approach that potentially could be transferred to ICCAT and IOTC. Second, it delivered a list of potential ecosystem indicators of relevance to tuna RFMOs (ICCAT and IOTC) that are suitable to track the impacts of fisheries targeting tuna and tuna-like species on the broader pelagic ecosystem. Third, it designed a general framework based on a rule-based decision tree to provide guidance on how reference points could be set and used for diverse types of ecosystem indicators. Fourth, it proposed candidate ecoregions within the Atlantic and Indian Oceans which could be used to guide region-based ecosystem plans, assessments and research to ultimately provide better ecosystem-based advice to inform fisheries management. Fifth, it developed two pilot ecosystem plans for two case study regions, the tropical ecoregion within the ICCAT convention area, and the temperate ecoregion within the IOTC convention area. At this stage, these pilot ecosystem plans aim to create awareness about the need for ecosystem planning, start a discussion about the elements that need to be part of a planning process, and initiate a discussion in ICCAT and IOTC about the potential needs of ecosystem plans and their function. Finally, this project provided recommendations to foster the potential development, use, and implementation of ecosystem plans in ICCAT and IOTC

Digital reconstruction of the inner ear of Leptictidium auderiense (Leptictida, Mammalia) and North American leptictids reveals new insight into leptictidan locomotor agility

Leptictida are basal Paleocene to Oligocene eutherians from Europe and North America comprising species with highly specialized postcranial features including elongated hind limbs. Among them, the European Leptictidium was probably a bipedal runner or jumper. Because the semicircular canals of the inner ear are involved in detecting angular acceleration of the head, their morphometry can be used as a proxy to elucidate the agility in fossil mammals. Here we provide the first insight into inner ear anatomy and morphometry of Leptictida based on high-resolution computed tomography of a new specimen of Leptictidium auderiense from the middle Eocene Messel Pit (Germany) and specimens of the North American Leptictis and Palaeictops. The general morphology of the bony labyrinth reveals several plesiomorphic mammalian features, such as a secondary crus commune. Leptictidium is derived from the leptictidan groundplan in lacking the secondary bony lamina and having proportionally larger semicircular canals than the leptictids under study. Our estimations reveal that Leptictidium was a very agile animal with agility score values (4.6 and 5.5, respectively) comparable to Macroscelidea and extant bipedal saltatory placentals. Leptictis and Palaeictops have lower agility scores (3.4 to 4.1), which correspond to the more generalized types of locomotion (e.g., terrestrial, cursorial) of most extant mammals. In contrast, the angular velocity magnitude predicted from semicircular canal angles supports a conflicting pattern of agility among leptictidans, but the significance of these differences might be challenged when more is known about intraspecific variation and the pattern of semicircular canal angles in non-primate mammals

Efficient and Provable White-Box Primitives

International audienceIn recent years there have been several attempts to build white-box block ciphers whose implementations aim to be incompress-ible. This includes the weak white-box ASASA construction by Bouil-laguet, Biryukov and Khovratovich from Asiacrypt 2014, and the recent space-hard construction by Bogdanov and Isobe from CCS 2015. In this article we propose the first constructions aiming at the same goal while offering provable security guarantees. Moreover we propose concrete instantiations of our constructions, which prove to be quite efficient and competitive with prior work. Thus provable security comes with a surprisingly low overhead

FPL: White-Box Secure Block Cipher Using Parallel Table Look-Ups

In this work, we propose a new table-based block cipher structure, dubbed $\mathsf{FPL}$, that can be used to build white-box secure block ciphers. Our construction is a balanced Feistel cipher, where the input to each round function determines multiple indices for the underlying table via a probe function, and the sum of the values from the table becomes the output of the round function. We identify the properties of the probe function that make the resulting block cipher white-box secure in terms of weak and strong space hardness against known-space and non-adaptive chosen-space attacks. Our construction, enjoying rigorous provable security without relying on any ideal primitive, provides flexibility to the block size and the table size, and permits parallel table look-ups. We also propose a concrete instantiation of $\mathsf{FPL}$, dubbed $\mathsf{FPL}_{\mathsf{AES}}$, using (round-reduced) $\mathsf{AES}$ for the underlying table and probe functions. Our implementation shows that $\mathsf{FPL}_{\mathsf{AES}}$ provides stronger security without significant loss of efficiency, compared to existing schemes including $\mathsf{SPACE}$, $\mathsf{WhiteBlock}$ and $\mathsf{WEM}$

The Evolution of Bat Vestibular Systems in the Face of Potential Antagonistic Selection Pressures for Flight and Echolocation

PMCID: PMC3634842This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited

Appropriate referral and selection of patients with chronic pain for spinal cord stimulation: European consensus recommendations and e-health tool

Background: Spinal cord stimulation (SCS) is an established treatment for chronic neuropathic, neuropathic-like and ischaemic pain. However, the heterogeneity of patients in daily clinical practice makes it often challenging to determine which patients are eligible for this treatment, resulting in undesirable practice variations. This study aimed to establish patient-specific recommendations for referral and selection of SCS in chronic pain. Methods: A multidisciplinary European panel used the RAND/UCLA Appropriateness Method (RUAM) to assess the appropriateness of (referral for) SCS for 386 clinical scenarios in four pain areas: chronic low back pain and/or leg pain, complex regional pain syndrome, neuropathic pain syndromes and ischaemic pain syndromes. In addition, the panel identified a set of psychosocial factors that are relevant to the decision for SCS treatment. Results: Appropriateness of SCS was strongly determined by the neuropathic or neuropathic-like pain component, location and spread of pain, anatomic abnormalities and previous response to therapies targeting pain processing (e.g. nerve block). Psychosocial factors considered relevant for SCS selection were as follows: lack of engagement, dysfunctional coping, unrealistic expectations, inadequate daily activity level, problematic social support, secondary gain, psychological distress and unwillingness to reduce high-dose opioids. An educational e-health tool was developed that combines clinical and psychosocial factors into an advice on referral/selection for SCS. Conclusions: The RUAM was useful to establish a consensus on patient-specific criteria for referral/selection for SCS in chronic pain. The e-health tool may help physicians learn to apply an integrated approach of clinical and psychosocial factors. Significance: Determining the eligibility of SCS in patients with chronic pain requires careful consideration of a variety of clinical and psychosocial factors. Using a systematic approach to combine evidence from clinical studies and expert opinion, a multidisciplinary European expert panel developed detailed recommendations to support appropriate referral and selection for SCS in chronic pain. These recommendations are available as an educational e-health tool (https://www.scstool.org/)

Exponentiating in Pairing Groups

We study exponentiations in pairing groups for the most common security levels and show that, although the Weierstrass model is preferable for pairing computation, it can be worthwhile to map to alternative curve representations for the non-pairing group operations in protocols

Heterogeneity and Strategic Choices: The Case of Stock Repurchases

Strategic decisions are fundamentally tough choices. Theory suggests that managers are likely to display bounded rationality. Empirics on the other hand assume rationality in choice behavior. Recognizing this inherent disconnect between theory and empirics, we try to account for behavioral biases using a theoretically consistent choice model. The traditional approach to modeling strategic choice has been to use discrete choice models and make inference on the conditional mean effects. We argue that the conditional mean effect does not capture behavioral biases. The focus should be on the conditional variance. Explicitly modeling the conditional variance (in the discrete choice framework) provides us with valuable information on individual level variation in decision-making. We demonstrate the effect of ignoring the role of variance in choice modeling in the context of firm’s decisions to conduct open market repurchases. We show that when taking into account the heterogeneity in choices, manager’s choices of conducting open market repurchases displays considerable heterogeneity and that not accounting for such heterogeneity might lead to wrong conclusions on the mean effects