Erythrocyte sedimentation rate as a marker of inflammation and ongoing coagulation in stroke and transient ischaemic attack

No abstract. South African Medical Journal Vol. 95 (8) 2005: 607-61

Design and Reliability Performance Evaluation of Network Coding Schemes for Lossy Wireless Networks

This thesis investigates lossy wireless networks, which are wireless communication networks consisting of lossy wireless links, where the packet transmission via a lossy wireless link is successful with a certain value of probability. In particular, this thesis analyses all-to-all broadcast in lossy wireless networks, where every node has a native packet to transmit to all other nodes in the network. A challenge of all-to-all broadcast in lossy wireless networks is the reliability, which is defined as the probability that every node in the network successfully obtains a copy of the native packets of all other nodes. In this thesis, two novel network coding schemes are proposed, which are the neighbour network coding scheme and the random neighbour network coding scheme. In the two proposed network coding schemes, a node may perform a bit-wise exclusive or (XOR) operation to combine the native packet of itself and the native packet of its neighbour, called the coding neighbour, into an XOR coded packet. The reliability of all-to-all broadcast under both the proposed network coding schemes is investigated analytically using Markov chains. It is shown that the reliability of all-to-all broadcast can be improved considerably by employing the proposed network coding schemes, compared with non-coded networks with the same link conditions, i.e. same probabilities of successful packet transmission via wireless channels. Further, the proposed schemes take the link conditions of each node into account to maximise the reliability of a given network. To be more precise, the first scheme proposes the optimal coding neighbour selection method while the second scheme introduces a tuning parameter to control the probability that a node performs network coding at each transmission. The observation that channel condition can have a significant impact on the performance of network coding schemes is expected to be applicable to other network coding schemes for lossy wireless networks

A Family of Lightweight Twisted Edwards Curves for the Internet of Things

We introduce a set of four twisted Edwards curves that satisfy common security requirements and allow for fast implementations of scalar multiplication on 8, 16, and 32-bit processors. Our curves are defined by an equation of the form -x^2 + y^2 = 1 + dx^2y^2 over a prime field Fp, where d is a small non-square modulo p. The underlying prime fields are based on "pseudo-Mersenne" primes given by p = 2^k - c and have in common that p is congruent to 5 modulo 8, k is a multiple of 32 minus 1, and c is at most eight bits long. Due to these common features, our primes facilitate a parameterized implementation of the low-level arithmetic so that one and the same arithmetic function is able to process operands of different length. Each of the twisted Edwards curves we introduce in this paper is birationally equivalent to a Montgomery curve of the form -(A+2)y^2 = x^3 + Ax^2 + x where 4/(A+2) is small. Even though this contrasts with the usual practice of choosing A such that (A+2)/4 is small, we show that the Montgomery form of our curves allows for an equally efficient implementation of point doubling as Curve25519. The four curves we put forward roughly match the common security levels of 80, 96, 112 and 128 bits. In addition, their Weierstraß representations are isomorphic to curves of the form y^2 = x^3 - 3x + b so as to facilitate inter-operability with TinyECC and other legacy software

McBits Revisited

This paper presents a constant-time fast implementation for a high-security code-based encryption system. The implementation is based on the “McBits” paper by Bernstein, Chou, and Schwabe in 2013: we use the same FFT algorithms for root finding and syndrome computation, similar algorithms for secret permutation, and bitslicing for low-level operations. As opposed to McBits, where a high decryption throughput is achieved by running many decryption operations in parallel, we take a different approach to exploit the internal parallelism in one decryption operation for the use of more applications. As the result, we manage to achieve a slightly better decryption throughput at a much higher security level than McBits. As a minor contribution, we also present a constant-time implementation for encryption and key-pair generation, with similar techniques used for decryption

Quantum resource estimates for computing elliptic curve discrete logarithms

We give precise quantum resource estimates for Shor's algorithm to compute discrete logarithms on elliptic curves over prime fields. The estimates are derived from a simulation of a Toffoli gate network for controlled elliptic curve point addition, implemented within the framework of the quantum computing software tool suite LIQ$Ui|\rangle$. We determine circuit implementations for reversible modular arithmetic, including modular addition, multiplication and inversion, as well as reversible elliptic curve point addition. We conclude that elliptic curve discrete logarithms on an elliptic curve defined over an $n$-bit prime field can be computed on a quantum computer with at most $9n + 2\lceil\log_2(n)\rceil+10$ qubits using a quantum circuit of at most $448 n^3 \log_2(n) + 4090 n^3$ Toffoli gates. We are able to classically simulate the Toffoli networks corresponding to the controlled elliptic curve point addition as the core piece of Shor's algorithm for the NIST standard curves P-192, P-224, P-256, P-384 and P-521. Our approach allows gate-level comparisons to recent resource estimates for Shor's factoring algorithm. The results also support estimates given earlier by Proos and Zalka and indicate that, for current parameters at comparable classical security levels, the number of qubits required to tackle elliptic curves is less than for attacking RSA, suggesting that indeed ECC is an easier target than RSA.Comment: 24 pages, 2 tables, 11 figures. v2: typos fixed and reference added. ASIACRYPT 201

A Single-Arm, Proof-Of-Concept Trial of Lopimune (Lopinavir/Ritonavir) as a Treatment for HPV-Related Pre-Invasive Cervical Disease

BACKGROUND: Cervical cancer is the most common female malignancy in the developing nations and the third most common cancer in women globally. An effective, inexpensive and self-applied topical treatment would be an ideal solution for treatment of screen-detected, pre-invasive cervical disease in low resource settings. METHODS: Between 01/03/2013 and 01/08/2013, women attending Kenyatta National Hospital's Family Planning and Gynaecology Outpatients clinics were tested for HIV, HPV (Cervista®) and liquid based cervical cytology (LBC -ThinPrep®). HIV negative women diagnosed as high-risk HPV positive with high grade squamous intraepithelial lesions (HSIL) were examined by colposcopy and given a 2 week course of 1 capsule of Lopimune (CIPLA) twice daily, to be self-applied as a vaginal pessary. Colposcopy, HPV testing and LBC were repeated at 4 and 12 weeks post-start of treatment with a final punch biopsy at 3 months for histology. Primary outcome measures were acceptability of treatment with efficacy as a secondary consideration. RESULTS: A total of 23 women with HSIL were treated with Lopimune during which time no adverse reactions were reported. A maximum concentration of 10 ng/ml of lopinavir was detected in patient plasma 1 week after starting treatment. HPV was no longer detected in 12/23 (52.2%, 95%CI: 30.6-73.2%). Post-treatment cytology at 12 weeks on women with HSIL, showed 14/22 (63.6%, 95%CI: 40.6-82.8%) had no dysplasia and 4/22 (18.2%, 95%CI: 9.9-65.1%) were now low grade demonstrating a combined positive response in 81.8% of women of which 77.8% was confirmed by histology. These data are supported by colposcopic images, which show regression of cervical lesions. CONCLUSIONS: These results demonstrate the potential of Lopimune as a self-applied therapy for HPV infection and related cervical lesions. Since there were no serious adverse events or detectable post-treatment morbidity, this study indicates that further trials are clearly justified to define optimal regimes and the overall benefit of this therapy. TRIAL REGISTRATION: ISRCTN Registry 48776874

A faster way to the CSIDH

Recently Castryck, Lange, Martindale, Panny, and Renes published CSIDH, a new key exchange scheme using supersingular elliptic curve isogenies. Due to its small key sizes, and the possibility of a non-interactive and a static-static key exchange, CSIDH seems very interesting for practical applications. However, the performance is rather slow. Therefore, we employ some techniques to speed up the algorithms, mainly by restructuring the elliptic curve point multiplications and by using twisted Edwards curves in the isogeny image curve computations, yielding a speed-up factor of 1.33 in comparison to the implementation of Castryck et al. Furthermore, we suggest techniques for constant-time implementations

Improved quantum circuits for elliptic curve discrete logarithms

We present improved quantum circuits for elliptic curve scalar multiplication, the most costly component in Shor's algorithm to compute discrete logarithms in elliptic curve groups. We optimize low-level components such as reversible integer and modular arithmetic through windowing techniques and more adaptive placement of uncomputing steps, and improve over previous quantum circuits for modular inversion by reformulating the binary Euclidean algorithm. Overall, we obtain an affine Weierstrass point addition circuit that has lower depth and uses fewer $T$ gates than previous circuits. While previous work mostly focuses on minimizing the total number of qubits, we present various trade-offs between different cost metrics including the number of qubits, circuit depth and $T$-gate count. Finally, we provide a full implementation of point addition in the Q# quantum programming language that allows unit tests and automatic quantum resource estimation for all components.Comment: 22 pages, to appear in: Int'l Conf. on Post-Quantum Cryptography (PQCrypto 2020

Low-Weight Primes for Lightweight Elliptic Curve Cryptography on 8-bit AVR Processors

Small 8-bit RISC processors and micro-controllers based on the AVR instruction set architecture are widely used in the embedded domain with applications ranging from smartcards over control systems to wireless sensor nodes. Many of these applications require asymmetric encryption or authentication, which has spurred a body of research into implementation aspects of Elliptic Curve Cryptography (ECC) on the AVR platform. In this paper, we study the suitability of a special class of finite fields, the so-called Optimal Prime Fields (OPFs), for a "lightweight" implementation of ECC with a view towards high performance and security. An OPF is a finite field Fp defined by a prime of the form p = u*2^k + v, whereby both u and v are "small" (in relation to 2^k) so that they fit into one or two registers of an AVR processor. OPFs have a low Hamming weight, which allows for a very efficient implementation of the modular reduction since only the non-zero words of p need to be processed. We describe a special variant of Montgomery multiplication for OPFs that does not execute any input-dependent conditional statements (e.g. branch instructions) and is, hence, resistant against certain side-channel attacks. When executed on an Atmel ATmega processor, a multiplication in a 160-bit OPF takes just 3237 cycles, which compares favorably with other implementations of 160-bit modular multiplication on an 8-bit processor. We also describe a performance-optimized and a security-optimized implementation of elliptic curve scalar multiplication over OPFs. The former uses a GLV curve and executes in 4.19M cycles (over a 160-bit OPF), while the latter is based on a Montgomery curve and has an execution time of approximately 5.93M cycles. Both results improve the state-of-the-art in lightweight ECC on 8-bit processors