    A New Encoding Algorithm for a Multidimensional Version of the Montgomery Ladder

    We propose a new encoding algorithm for the simultaneous differential multidimensional scalar point multiplication algorithm dd-MUL. Previous encoding algorithms are known to have major drawbacks in their efficient and secure implementation. Some of these drawbacks were avoided in a recent paper in 2018, at the cost of losing the general functionality of the point multiplication algorithm. In this paper, we address these issues. Our new encoding algorithm takes the binary representations of scalars as input and constructs a compact binary sequence and a permutation, which explicitly determine a regular sequence of group operations to be performed in dd-MUL. Our algorithm simply slides windows of size two over the scalars, which makes it very efficient. As a result, while preserving the full generality of dd-MUL, we eliminate the recursive integer matrix computations in the originally proposed encoding algorithms. We also expect that our new encoding algorithm will make it easier to implement dd-MUL in constant time. Our results can be seen as the efficient and full generalization of the one-dimensional Montgomery ladder to arbitrary dimension.

    Low-Weight Primes for Lightweight Elliptic Curve Cryptography on 8-bit AVR Processors

    Small 8-bit RISC processors and micro-controllers based on the AVR instruction set architecture are widely used in the embedded domain, with applications ranging from smartcards over control systems to wireless sensor nodes. Many of these applications require asymmetric encryption or authentication, which has spurred a body of research into implementation aspects of Elliptic Curve Cryptography (ECC) on the AVR platform. In this paper, we study the suitability of a special class of finite fields, the so-called Optimal Prime Fields (OPFs), for a "lightweight" implementation of ECC with a view towards high performance and security. An OPF is a finite field Fp defined by a prime of the form p = u*2^k + v, whereby both u and v are "small" (in relation to 2^k) so that they fit into one or two registers of an AVR processor. OPFs have a low Hamming weight, which allows for a very efficient implementation of the modular reduction since only the non-zero words of p need to be processed. We describe a special variant of Montgomery multiplication for OPFs that does not execute any input-dependent conditional statements (e.g. branch instructions) and is, hence, resistant to certain side-channel attacks. When executed on an Atmel ATmega processor, a multiplication in a 160-bit OPF takes just 3237 cycles, which compares favorably with other implementations of 160-bit modular multiplication on an 8-bit processor. We also describe a performance-optimized and a security-optimized implementation of elliptic curve scalar multiplication over OPFs. The former uses a GLV curve and executes in 4.19M cycles (over a 160-bit OPF), while the latter is based on a Montgomery curve and has an execution time of approximately 5.93M cycles. Both results improve on the state of the art in lightweight ECC on 8-bit processors.

    Resource Utilization and Cost-Effectiveness of Counselor- vs. Provider-Based Rapid Point-of-Care HIV Screening in the Emergency Department

    Routine HIV screening in emergency department (ED) settings may require dedicated personnel. We evaluated the outcomes, costs and cost-effectiveness of HIV screening when offered by either a member of the ED staff or by an HIV counselor. We employed a mathematical model to extend data obtained from a randomized clinical trial of provider- vs. counselor-based HIV screening in the ED. We compared the downstream survival, costs, and cost-effectiveness of three HIV screening modalities: 1) no screening program; 2) an ED provider-based program; and 3) an HIV counselor-based program. Trial arm-specific data were used for test offer and acceptance rates (provider offer 36%, acceptance 75%; counselor offer 80%, acceptance 71%). Undiagnosed HIV prevalence (0.4%) and linkage to care rates (80%) were assumed to be equal between the screening modalities. Personnel costs were derived from trial-based resource utilization data. We examined the generalizability of results by conducting sensitivity analyses on offer and acceptance rates, undetected HIV prevalence, and costs. Estimated HIV screening costs in the provider and counselor arms averaged $8.10 and $31.00 per result received. The Provider strategy (compared to no screening) had an incremental cost-effectiveness ratio of $58,700/quality-adjusted life year (QALY), and the Counselor strategy (compared to the Provider strategy) had an incremental cost-effectiveness ratio of $64,500/QALY. Results were sensitive to the relative offer and acceptance rates by strategy and the capacity of providers to target-screen, but were robust to changes in undiagnosed HIV prevalence and programmatic costs. The cost-effectiveness of provider-based HIV screening in an emergency department setting compares favorably to other US screening programs. Despite its additional cost, counselor-based screening delivers just as much return on investment as provider-based screening. Investment in dedicated HIV screening personnel is justified in situations where ED staff resources may be insufficient to provide comprehensive, sustainable screening services.

    Mobile HIV Screening in Cape Town, South Africa: Clinical Impact, Cost and Cost-Effectiveness

    Background: Mobile HIV screening may facilitate early HIV diagnosis. Our objective was to examine the cost-effectiveness of adding a mobile screening unit to current medical facility-based HIV testing in Cape Town, South Africa. Methods and Findings: We used the Cost Effectiveness of Preventing AIDS Complications International (CEPAC-I) computer simulation model to evaluate two HIV screening strategies in Cape Town: 1) medical facility-based testing (the current standard of care) and 2) addition of a mobile HIV-testing unit intervention in the same community. Baseline input parameters were derived from a Cape Town-based mobile unit that tested 18,870 individuals over 2 years: prevalence of previously undiagnosed HIV (6.6%), mean CD4 count at diagnosis (males 423/µL, females 516/µL), CD4 count-dependent linkage to care rates (males 31%–58%, females 49%–58%), and mobile unit intervention cost (includes acquisition, operation and HIV test costs; $29.30 per negative result and $31.30 per positive result). We conducted extensive sensitivity analyses to evaluate input uncertainty. Model outcomes included site of HIV diagnosis, life expectancy, medical costs, and the incremental cost-effectiveness ratio (ICER) of the intervention compared to medical facility-based testing. We considered the intervention to be "very cost-effective" when the ICER was less than South Africa's annual per capita Gross Domestic Product (GDP) ($8,200 in 2012). We projected that, with medical facility-based testing, the discounted (undiscounted) HIV-infected population life expectancy was 132.2 (197.7) months; this increased to 140.7 (211.7) months with the addition of the mobile unit. The ICER for the mobile unit was $2,400/year of life saved (YLS). Results were most sensitive to the previously undiagnosed HIV prevalence, linkage to care rates, and frequency of HIV testing at medical facilities. Conclusion: The addition of mobile HIV screening to current testing programs can improve survival and be very cost-effective in South Africa and other resource-limited settings, and should be a priority.

    Assessing the Performance of a Computer-Based Policy Model of HIV and AIDS

    BACKGROUND. Model-based analyses, conducted within a decision analytic framework, provide a systematic way to combine information about the natural history of disease and the effectiveness of clinical management strategies with demographic and epidemiological characteristics of the population. Challenges in disease-specific modeling include the need to identify influential assumptions and to assess the face validity and internal consistency of the model. METHODS AND FINDINGS. We describe a series of exercises involved in adapting a computer-based simulation model of HIV disease to the Women's Interagency HIV Study (WIHS) cohort, and we assess model performance as we re-parameterized the model to address policy questions in the U.S. relevant to HIV-infected women using data from the WIHS. Empiric calibration targets included 24-month survival curves stratified by treatment status and CD4 cell count. The most influential assumptions in untreated women included chronic HIV-associated mortality following an opportunistic infection, and in treated women, the 'clinical effectiveness' of HAART and the ability of HAART to prevent HIV complications independent of virologic suppression. Good-fitting parameter sets required reductions in the clinical effectiveness of 1st and 2nd line HAART and improvements in 3rd and 4th line regimens. Projected rates of treatment regimen switching using the calibrated cohort-specific model closely approximated independent analyses published using data from the WIHS. CONCLUSIONS. The model demonstrated good internal consistency and face validity, and supported cohort heterogeneities that have been reported in the literature. Iterative assessment of model performance can provide information about the relative influence of uncertain assumptions and provide insight into heterogeneities within and between cohorts. Description of calibration exercises can enhance the transparency of disease-specific models. National Institute of Allergy and Infectious Diseases (R37 AI042006, K24 AI062476).

    The Effects of Governmental Protected Areas and Social Initiatives for Land Protection on the Conservation of Mexican Amphibians

    Traditionally, biodiversity conservation gap analyses have focused on governmental protected areas (PAs). However, an increasing number of social initiatives in conservation (SICs) are promoting a new perspective for analysis. SICs include all of the efforts that society implements to conserve biodiversity, such as land protection, from private reserves to community zoning plans, some of which have generated community-protected areas. This is the first attempt to analyze the status of conservation in Latin America when some of these social initiatives are included. The analyses focused on amphibians because they are one of the most threatened groups worldwide. Mexico is no exception: more than 60% of its amphibians are endemic. We used a niche model approach to map the potential and real geographical distribution (extracting the transformed areas) of the endemic amphibians. Based on remnant distribution, all the species have suffered some degree of loss, but 36 species have lost more than 50% of their potential distribution. For 50 micro-endemic species we could not model their potential distribution range due to the small number of records per species; therefore the analyses were performed using these records directly. We then evaluated the efficiency of the existing set of governmental protected areas and established the contribution of social initiatives (private and community) for land protection to amphibian conservation. We found that most of the species have some proportion of their potential ecological niche distribution protected, but 20% are not protected at all within governmental PAs. 73% of endemic and 26% of micro-endemic amphibians are represented within SICs. However, 30 micro-endemic species are not represented within either governmental PAs or SICs. This study shows that land conservation through social initiatives is becoming a crucial element for an important number of species not protected by governmental PAs.

    Cortical Surround Interactions and Perceptual Salience via Natural Scene Statistics

    Spatial context in images induces perceptual phenomena associated with salience and modulates the responses of neurons in primary visual cortex (V1). However, the computational and ecological principles underlying contextual effects are incompletely understood. We introduce a model of natural images that includes grouping and segmentation of neighboring features based on their joint statistics, and we interpret the firing rates of V1 neurons as performing optimal recognition in this model. We show that this leads to a substantial generalization of divisive normalization, a computation that is ubiquitous in many neural areas and systems. A main novelty in our model is that the influence of the context on a target stimulus is determined by their degree of statistical dependence. We optimized the parameters of the model on natural image patches, and then simulated neural and perceptual responses on stimuli used in classical experiments. The model reproduces some rich and complex response patterns observed in V1, such as the contrast dependence, orientation tuning and spatial asymmetry of surround suppression, while also allowing for surround facilitation under conditions of weak stimulation. It also mimics the perceptual salience produced by simple displays, and leads to readily testable predictions. Our results provide a principled account of orientation-based contextual modulation in early vision and its sensitivity to the homogeneity and spatial arrangement of inputs, and lend statistical support to the theory that V1 computes visual salience.

    Efficient Ephemeral Elliptic Curve Cryptographic Keys

    We show how any pair of authenticated users can on-the-fly agree on an elliptic curve group that is unique to their communication session, unpredictable to outside observers, and secure against known attacks. Our proposal is suitable for deployment on constrained devices such as smartphones, allowing them to efficiently generate ephemeral parameters that are unique to any single cryptographic application such as symmetric key agreement. For such applications it thus offers an alternative to long-term usage of standardized or otherwise pre-generated elliptic curve parameters, obtaining security against cryptographic attacks aimed at other users, and eliminating the need to trust elliptic curves generated by third parties.