
    Minimizing the Two-Round Even-Mansour Cipher

    The $r$-round (iterated) \emph{Even-Mansour cipher} (also known as \emph{key-alternating cipher}) defines a block cipher from $r$ fixed public $n$-bit permutations $P_1,\ldots,P_r$ as follows: given a sequence of $n$-bit round keys $k_0,\ldots,k_r$, an $n$-bit plaintext $x$ is encrypted by xoring round key $k_0$, applying permutation $P_1$, xoring round key $k_1$, etc. The (strong) pseudorandomness of this construction in the random permutation model (i.e., when the permutations $P_1,\ldots,P_r$ are public random permutation oracles that the adversary can query in a black-box way) was studied in a number of recent papers, culminating with the work of Chen and Steinberger (EUROCRYPT~2014), who proved that the $r$-round Even-Mansour cipher is indistinguishable from a truly random permutation up to $O(2^{\frac{rn}{r+1}})$ queries of any adaptive adversary (which is an optimal security bound since it matches a simple distinguishing attack). All results in this entire line of work share the common restriction that they only hold under the assumption that \emph{the round keys $k_0,\ldots,k_r$ and the permutations $P_1,\ldots,P_r$ are independent}. In particular, for two rounds, the current state of knowledge is that the block cipher $E(x)=k_2\oplus P_2(k_1\oplus P_1(k_0\oplus x))$ is provably secure up to $O(2^{2n/3})$ queries of the adversary, when $k_0$, $k_1$, and $k_2$ are three independent $n$-bit keys, and $P_1$ and $P_2$ are two independent random $n$-bit permutations. In this paper, we ask whether one can obtain a similar bound for the two-round Even-Mansour cipher \emph{from just one $n$-bit key and one $n$-bit permutation}.
    Our answer is positive: when the three $n$-bit round keys $k_0$, $k_1$, and $k_2$ are adequately derived from an $n$-bit master key $k$, and the same permutation $P$ is used in place of $P_1$ and $P_2$, we prove a qualitatively similar $\tilde{O}(2^{2n/3})$ security bound (in the random permutation model). To the best of our knowledge, this is the first ``beyond the birthday bound'' security result for AES-like ciphers that does not assume independent round keys.

    Modeling Planarian Regeneration: A Primer for Reverse-Engineering the Worm

    A mechanistic understanding of robust self-assembly and repair capabilities of complex systems would have enormous implications for basic evolutionary developmental biology as well as for transformative applications in regenerative biomedicine and the engineering of highly fault-tolerant cybernetic systems. Molecular biologists are working to identify the pathways underlying the remarkable regenerative abilities of model species that perfectly regenerate limbs, brains, and other complex body parts. However, a profound disconnect remains between the deluge of high-resolution genetic and protein data on pathways required for regeneration, and the desired spatial, algorithmic models that show how self-monitoring and growth control arise from the synthesis of cellular activities. This barrier to progress in the understanding of morphogenetic controls may be breached by powerful techniques from the computational sciences—using non-traditional modeling approaches to reverse-engineer systems such as planaria: flatworms with a complex bodyplan and nervous system that are able to regenerate any body part after traumatic injury. Currently, the involvement of experts from outside of molecular genetics is hampered by the specialist literature of molecular developmental biology: impactful collaborations across such different fields require that review literature be available that presents the key functional capabilities of important biological model systems while abstracting away from the often irrelevant and confusing details of specific genes and proteins. To facilitate modeling efforts by computer scientists, physicists, engineers, and mathematicians, we present a different kind of review of planarian regeneration. Focusing on the main patterning properties of this system, we review what is known about the signal exchanges that occur during regenerative repair in planaria and the cellular mechanisms that are thought to underlie them. 
    By establishing an engineering-like style for reviews of the molecular developmental biology of biomedically important model systems, significant fresh insights and quantitative computational models will be developed by new collaborations between biology and the information sciences.

    Lower glycolysis carries a higher flux than any biochemically possible alternative

    The universality of many pathways of core metabolism suggests a strong role for evolutionary selection, but it remains unclear whether existing pathways have been selected from a large or small set of biochemical possibilities. To address this question, we construct "in silico" all possible biochemically feasible alternatives to the trunk pathway of glycolysis and gluconeogenesis, one of the most highly conserved pathways in metabolism. We show that, even though a large number of alternative pathways exist, the alternatives carry lower flux than the real pathway under typical physiological conditions. Alternative pathways that could potentially carry higher flux often lead to infeasible intermediate metabolite concentrations. We also find that if physiological conditions were different, different pathways could outperform those found in nature. Our results demonstrate how the rules of biochemistry restrict the alternatives that are open to evolution, and suggest that the existing trunk pathway of glycolysis and gluconeogenesis represents a maximal flux solution.
    Comment: 9 pages, 4 figures

    Minimization of total absolute deviation for a common due date

    This study addresses a non-preemptive single-machine scheduling problem with specific penalty parameters for each job, in which all jobs have a common due date and zero ready time. Job scheduling attempts to minimize the sum of earliness and tardiness (E/T) penalties. Just in Time (JIT), initiated by Toyota in 1960, has since been considered an important notion in an increasingly competitive industrial market. Tardiness is unacceptable, whereas earliness also means waste of resources and increases inventory costs. This study considers a single machine JIT scheduling problem with a common due date in a restricted version of the problem with specific penalties. Because the problem is NP-hard (Non-deterministic Polynomial-time hard), solving it optimally is impractical. Therefore, this study applies three heuristic algorithms to solve the single machine JIT scheduling problem and compares their computational performance. Data implications are discussed in detail.