Forensic psychiatry in Africa: prospects and challenges
Forensic psychiatry has a history that dates back almost two thousand years and has evolved into a recognised discipline with a robust background of scientific enquiry, mostly because mental health care has always had an important interface with the law.[1] Nevertheless, even in the developed world there are differences between countries in the extent to which forensic mental health services have developed. This has been exacerbated by the differences in legal systems, resources and priorities in each country. Consequently, comparisons and cooperation between forensic psychiatrists internationally have been difficult.[2-4] In Africa, the second largest and most populous continent, with an immense diversity of languages, religious traditions, ethnic groups and sociopolitical systems, forensic psychiatry has largely remained underdeveloped, within the context of a pervasive neglect in the provision of mental health services.[5] The situation is compounded by the dearth of information about forensic services on the continent. As described by an eminent African psychiatrist, “the practice of forensic psychiatry in Africa is shrouded in both mystery and confusion”.[6] In addition to the lack of appropriate facilities, most countries in Africa have, on average, one psychiatrist per one million inhabitants. Moreover, many psychiatrists have migrated to developed countries, leaving a small number of mental health professionals burdened with large numbers of patients.[6] In most countries there are few coordinated initiatives to involve all stakeholders, such as the police, departments of justice, prisons and hospitals, in the development of forensic mental health services.
Quantum resource estimates for computing elliptic curve discrete logarithms
We give precise quantum resource estimates for Shor's algorithm to compute discrete logarithms on elliptic curves over prime fields. The estimates are derived from a simulation of a Toffoli gate network for controlled elliptic curve point addition, implemented within the framework of the quantum computing software tool suite LIQ. We determine circuit implementations for reversible modular arithmetic, including modular addition, multiplication and inversion, as well as reversible elliptic curve point addition. We conclude that elliptic curve discrete logarithms on an elliptic curve defined over an -bit prime field can be computed on a quantum computer with at most qubits using a quantum circuit of at most Toffoli gates. We are able to classically simulate the Toffoli networks corresponding to the controlled elliptic curve point addition as the core piece of Shor's algorithm for the NIST standard curves P-192, P-224, P-256, P-384 and P-521. Our approach allows gate-level comparisons to recent resource estimates for Shor's factoring algorithm. The results also support estimates given earlier by Proos and Zalka and indicate that, for current parameters at comparable classical security levels, the number of qubits required to tackle elliptic curves is less than for attacking RSA, suggesting that indeed ECC is an easier target than RSA.
Comment: 24 pages, 2 tables, 11 figures. v2: typos fixed and reference added.
ASIACRYPT 201
Improved quantum circuits for elliptic curve discrete logarithms
We present improved quantum circuits for elliptic curve scalar multiplication, the most costly component in Shor's algorithm to compute discrete logarithms in elliptic curve groups. We optimize low-level components such as reversible integer and modular arithmetic through windowing techniques and more adaptive placement of uncomputing steps, and improve over previous quantum circuits for modular inversion by reformulating the binary Euclidean algorithm. Overall, we obtain an affine Weierstrass point addition circuit that has lower depth and uses fewer gates than previous circuits. While previous work mostly focuses on minimizing the total number of qubits, we present various trade-offs between different cost metrics including the number of qubits, circuit depth and -gate count. Finally, we provide a full implementation of point addition in the Q# quantum programming language that allows unit tests and automatic quantum resource estimation for all components.
Comment: 22 pages, to appear in: Int'l Conf. on Post-Quantum Cryptography
(PQCrypto 2020
Generalized Matsui Algorithm 1 with application for the full DES
In this paper we introduce the strictly zero-correlation attack. We extend the work of Ashur and Posteuca at BalkanCryptSec 2018 and build 0-correlation key-dependent linear trails covering the full DES. We show how this approximation can be used for a key recovery attack and empirically verify our claims through a series of experiments. To the best of our knowledge, this paper is the first to use this kind of property to mount a meaningful attack against a symmetric-key algorithm.
A New Test Statistic for Key Recovery Attacks Using Multiple Linear Approximations
The log-likelihood ratio (LLR) and the chi-squared distribution based test statistics have been proposed in the literature for performing statistical analysis of key recovery attacks on block ciphers. A limitation of the LLR test statistic is that its application requires full knowledge of the corresponding distribution. Previous work using the chi-squared approach required approximating the distribution of the relevant test statistic by chi-squared and normal distributions. Problematic issues regarding such approximations have been reported in the literature. Perhaps more importantly, both the LLR and the chi-squared based methods are applicable only if the success probability is greater than 0.5. On the other hand, an attack with success probability less than 0.5 is also of considerable interest.
This work proposes a new test statistic for key recovery attacks which has the following features: its application does not require full knowledge of the underlying distribution; it is possible to carry out an analysis using this test statistic without using any approximations; and the method applies for all values of the success probability. The statistical analysis of the new test statistic follows the hypothesis testing framework and uses Hoeffding's inequalities to bound the probabilities of Type-I and Type-II errors.
Koinonia: verifiable e-voting with long-term privacy
Despite years of research, many existing e-voting systems do not adequately protect voting privacy. In most cases, such systems only achieve "immediate privacy", that is, they only protect voting privacy against today's adversaries, but not against a future adversary, who may possess better attack technologies such as new cryptanalysis algorithms and/or quantum computers. Previous attempts at providing long-term voting privacy (dubbed "everlasting privacy" in the literature) often require additional trust in parties that do not need to be trusted for immediate privacy.
In this paper, we present a framework of adversary models for e-voting systems and analyze possible threats to voting privacy under each model. Based on our analysis, we argue that secret-sharing based voting protocols offer a more natural and elegant privacy-preserving solution than their encryption-based counterparts. We thus design and implement Koinonia, a voting system that provides long-term privacy against powerful adversaries and enables anyone to verify that each ballot is well-formed and that the tallying is done correctly. Our experiments show that Koinonia protects voting privacy with reasonable performance.