Provable security for lightweight message authentication and encryption

The birthday bound often limits the security of a cryptographic scheme to half of the block size or internal state size. This implies that cryptographic schemes require a block size or internal state size that is twice the security level, resulting in larger and more resource-intensive designs. In this thesis, we introduce abstract constructions for message authentication codes and stream ciphers that we demonstrate to be secure beyond the birthday bound. Our message authentication codes were inspired by previous work, specifically the message authentication code EWCDM by Cogliati and Seurin, as well as the work by Mennink and Neves, which demonstrates easy proofs of security for the sum of permutations and an improved bound for EWCDM. We enhance the sum of permutations by incorporating a hash value and a nonce in our stateful design, and in our stateless design, we utilize two hash values. One advantage over EWCDM is that the permutation calls, or block cipher calls, can be parallelized, whereas in EWCDM they must be performed sequentially. We demonstrate that our constructions provide a security level of 2n/3 bits in the nonce-respecting setting. Subsequently, this bound was further improved to 3n/4 bits of security. Additionally, it was later discovered that security degrades gracefully with nonce repetitions, unlike EWCDM, where the security drops to the birthday bound with a single nonce repetition. Contemporary stream cipher designs aim to minimize the hardware module's resource requirements by incorporating an externally available resource, all while maintaining a high level of security. The security level is typically measured in relation to the size of the volatile internal state, i.e., the state cells within the cipher's hardware module. Several designs have been proposed that continuously access the externally available non-volatile secret key during keystream generation. However, there exists a generic distinguishing attack with birthday bound complexity. We propose schemes that continuously access the externally available non-volatile initial value. For all constructions, conventional or contemporary, we provide proofs of security against generic attacks in the random oracle model. Notably, stream ciphers that use the non-volatile initial value during keystream generation offer security beyond the birthday bound. Based on these findings, we propose a new stream cipher design called DRACO

Extensive histological sampling following focal therapy of clinically significant prostate cancer with high-intensity focused ultrasound

PURPOSE Clinically significant localized prostate cancer (PCa) is currently treated using whole-gland therapy. This approach is effective but is associated with genitourinary and rectal side-effects. Focal therapy of PC has been proposed as an alternative. The aim of the study was to determine the oncologic and functional outcomes of focal high-intensity focused ultrasound (HIFU) therapy for PCa. METHODS This was a single-centre prospective study in which 75 men were treated between 04/2014 and 04/2018. Multiparametric magnetic resonance imaging (mpMRI) and transperineal template saturation prostate biopsies (TTSPB) were performed to localise PCa, followed by focal ablation using HIFU. The primary endpoint was detection of clinically significant prostate cancer (Gleason score ≥7, csPCa) at the 6 months follow-up TTSPB. Of secondary interest were the genitourinary side effects. RESULTS The median age was 67 yrs (interquartile range [IQR] 60-71) and prostate-specific antigen (PSA) was 5.87 ng/ml (4.64-7.44). There were five (6.7%) low-risk and 70 (93.3%) intermediate-risk cancers. CsPCa was detected in 41% (95% CI: 30.3%- 53.0%) of men undergoing biopsy at 6 months with a median sampled core number of 44 (IQR 36-44). PSA (OR 1.17 [0.49-2.85], p=0.71) and mpMRI (sensitivity 14.3% [6.7-31.5%]) performed poorly in prediction of positive biopsies. Pad-free continence and erections sufficient for penetration were preserved in 63/64 (98.4%) and 31/45 (68.9%) patients, respectively. CONCLUSION Focal therapy using HIFU leads to a low rate of genitourinary side-effects. Follow-up biopsy of the treated and untreated prostate remains the only modality to adequately select men in need of early salvage treatment