New Design Techniques for Efficient Arithmetization-Oriented Hash Functions: Anemoi Permutations and Jive Compression Mode

International audienc

New optimization techniques for PlonK’s arithmetization

PlonK is a universal and updatable zk-SNARK for general circuit satisfiability that allows a verifier to check the validity of a certain NP statement very efficiently, optionally in zero-knowledge. PlonK requires that the NP relation of interest be expressed as a system of so-called PlonK constraints. Such conversion is complex and can be implemented in various ways, having a great impact on the prover complexity (which is typically linearithmic in the number of PlonK constraints). We propose several general results for simplifying PlonK constraint systems, which produce more compact but equivalent systems and can lead to significant performance improvements. We also develop an automated optimizer of constraints, based on our techniques, that can be used to construct very compact and less error-prone constraint systems, favoring a more auditable circuit design. Finally, we demonstrate the potential of our techniques by implementing optimized constraint systems for the Poseidon hash, obtaining the most compact representations in the Turbo-PlonK model with minimal custom gates. En route, we devise a novel optimization idea for implementing Poseidon partial rounds and show that it can be applied to both simplifying SNARK circuits and achieving performance improvements in CPU implementations of the Poseidon hash

New Design Techniques for Efficient Arithmetization-Oriented Hash Functions:Anemoi Permutations and Jive Compression Mode

Advanced cryptographic protocols such as Zero-knowledge (ZK) proofs of knowledge, widely used in cryptocurrency applications such as Zcash, Monero, Filecoin, Tezos, Topos, demand new cryptographic hash functions that are efficient not only over the binary field $\mathbb{F}_2$, but also over large fields of prime characteristic $\mathbb{F}_p$. This need has been acknowledged by the wider community and new so-called Arithmetization-Oriented (AO) hash functions have been proposed, e.g. MiMC-Hash, Rescue-Prime, Poseidon, Reinforced Concrete and Griffin to name a few. In this paper we propose Anemoi: a new family of ZK-friendly permutations, that can be used to construct efficient hash functions and compression functions. The main features of these algorithms are that 1) they are designed to be efficient within multiple proof systems (e.g. Groth16, Plonk, etc.), 2) they contain dedicated functions optimised for specific applications (namely Merkle tree hashing and general purpose hashing), 3) they have highly competitive performance e.g. about a factor of 2 improvement over Poseidon and Rescue-Prime in terms of R1CS constraints, a 21%-35% Plonk constraint reduction over a highly optimized Poseidon implementation, as well as competitive native performance, running between two and three times faster than Rescue-Prime, depending on the field size. On the theoretical side, Anemoi pushes further the frontier in understanding the design principles that are truly entailed by arithmetization-orientation. In particular, we identify and exploit a previously unknown relationship between CCZ-equivalence and arithmetization-orientation. In addition, we propose two new standalone components that can be easily reused in new designs. One is a new S-box called Flystel, based on the well-studied butterfly structure, and the second is Jive -- a new mode of operation, inspired by the ``Latin dance\u27\u27 symmetric algorithms (Salsa, ChaCha and derivatives). Our design is a conservative one: it uses a very classical Substitution-Permutation Network structure, and our detailed analysis of algebraic attacks highlights can be of independent interest

Natalizumab treatment shows low cumulative probabilities of confirmed disability worsening to EDSS milestones in the long-term setting.

Abstract Background Though the Expanded Disability Status Scale (EDSS) is commonly used to assess disability level in relapsing-remitting multiple sclerosis (RRMS), the criteria defining disability progression are used for patients with a wide range of baseline levels of disability in relatively short-term trials. As a result, not all EDSS changes carry the same weight in terms of future disability, and treatment benefits such as decreased risk of reaching particular disability milestones may not be reliably captured. The objectives of this analysis are to assess the probability of confirmed disability worsening to specific EDSS milestones (i.e., EDSS scores ≥3.0, ≥4.0, or ≥6.0) at 288 weeks in the Tysabri Observational Program (TOP) and to examine the impact of relapses occurring during natalizumab therapy in TOP patients who had received natalizumab for ≥24 months. Methods TOP is an ongoing, open-label, observational, prospective study of patients with RRMS in clinical practice. Enrolled patients were naive to natalizumab at treatment initiation or had received ≤3 doses at the time of enrollment. Intravenous natalizumab (300 mg) infusions were given every 4 weeks, and the EDSS was assessed at baseline and every 24 weeks during treatment. Results Of the 4161 patients enrolled in TOP with follow-up of at least 24 months, 3253 patients with available baseline EDSS scores had continued natalizumab treatment and 908 had discontinued (5.4% due to a reported lack of efficacy and 16.4% for other reasons) at the 24-month time point. Those who discontinued due to lack of efficacy had higher baseline EDSS scores (median 4.5 vs. 3.5), higher on-treatment relapse rates (0.82 vs. 0.23), and higher cumulative probabilities of EDSS worsening (16% vs. 9%) at 24 months than those completing therapy. Among 24-month completers, after approximately 5.5 years of natalizumab treatment, the cumulative probabilities of confirmed EDSS worsening by 1.0 and 2.0 points were 18.5% and 7.9%, respectively (24-week confirmation), and 13.5% and 5.3%, respectively (48-week confirmation). The risks of 24- and 48-week confirmed EDSS worsening were significantly higher in patients with on-treatment relapses than in those without relapses. An analysis of time to specific EDSS milestones showed that the probabilities of 48-week confirmed transition from EDSS scores of 0.0–2.0 to ≥3.0, 2.0–3.0 to ≥4.0, and 4.0–5.0 to ≥6.0 at week 288 in TOP were 11.1%, 11.8%, and 9.5%, respectively, with lower probabilities observed among patients without on-treatment relapses (8.1%, 8.4%, and 5.7%, respectively). Conclusions In TOP patients with a median (range) baseline EDSS score of 3.5 (0.0–9.5) who completed 24 months of natalizumab treatment, the rate of 48-week confirmed disability worsening events was below 15%; after approximately 5.5 years of natalizumab treatment, 86.5% and 94.7% of patients did not have EDSS score increases of ≥1.0 or ≥2.0 points, respectively. The presence of relapses was associated with higher rates of overall disability worsening. These results were confirmed by assessing transition to EDSS milestones. Lower rates of overall 48-week confirmed EDSS worsening and of transitioning from EDSS score 4.0–5.0 to ≥6.0 in the absence of relapses suggest that relapses remain a significant driver of disability worsening and that on-treatment relapses in natalizumab-treated patients are of prognostic importance

The Changing Landscape for Stroke\ua0Prevention in AF: Findings From the GLORIA-AF Registry Phase 2

Background GLORIA-AF (Global Registry on Long-Term Oral Antithrombotic Treatment in Patients with Atrial Fibrillation) is a prospective, global registry program describing antithrombotic treatment patterns in patients with newly diagnosed nonvalvular atrial fibrillation at risk of stroke. Phase 2 began when dabigatran, the first non\u2013vitamin K antagonist oral anticoagulant (NOAC), became available. Objectives This study sought to describe phase 2 baseline data and compare these with the pre-NOAC era collected during phase 1. Methods During phase 2, 15,641 consenting patients were enrolled (November 2011 to December 2014); 15,092 were eligible. This pre-specified cross-sectional analysis describes eligible patients\u2019 baseline characteristics. Atrial fibrillation disease characteristics, medical outcomes, and concomitant diseases and medications were collected. Data were analyzed using descriptive statistics. Results Of the total patients, 45.5% were female; median age was 71 (interquartile range: 64, 78) years. Patients were from Europe (47.1%), North America (22.5%), Asia (20.3%), Latin America (6.0%), and the Middle East/Africa (4.0%). Most had high stroke risk (CHA2DS2-VASc [Congestive heart failure, Hypertension, Age  6575 years, Diabetes mellitus, previous Stroke, Vascular disease, Age 65 to 74 years, Sex category] score  652; 86.1%); 13.9% had moderate risk (CHA2DS2-VASc = 1). Overall, 79.9% received oral anticoagulants, of whom 47.6% received NOAC and 32.3% vitamin K antagonists (VKA); 12.1% received antiplatelet agents; 7.8% received no antithrombotic treatment. For comparison, the proportion of phase 1 patients (of N = 1,063 all eligible) prescribed VKA was 32.8%, acetylsalicylic acid 41.7%, and no therapy 20.2%. In Europe in phase 2, treatment with NOAC was more common than VKA (52.3% and 37.8%, respectively); 6.0% of patients received antiplatelet treatment; and 3.8% received no antithrombotic treatment. In North America, 52.1%, 26.2%, and 14.0% of patients received NOAC, VKA, and antiplatelet drugs, respectively; 7.5% received no antithrombotic treatment. NOAC use was less common in Asia (27.7%), where 27.5% of patients received VKA, 25.0% antiplatelet drugs, and 19.8% no antithrombotic treatment. Conclusions The baseline data from GLORIA-AF phase 2 demonstrate that in newly diagnosed nonvalvular atrial fibrillation patients, NOAC have been highly adopted into practice, becoming more frequently prescribed than VKA in Europe and North America. Worldwide, however, a large proportion of patients remain undertreated, particularly in Asia and North America. (Global Registry on Long-Term Oral Antithrombotic Treatment in Patients With Atrial Fibrillation [GLORIA-AF]; NCT01468701

Language use in universities: Internationalisation and protection of the own language

status: publishe

Terms in Logic programs: a problem with their semantics and its effect on the programming methodology

status: publishe