Combined small subgroups and side-channel attack on elliptic curves with cofactor divisible by 2m2^m

Nowadays, alternative models of elliptic curves like Montgomery, Edwards, twisted Edwards, Hessian, twisted Hessian, Huff's curves and many others are very popular and many people use them in cryptosystems which are based on elliptic curve cryptography. Most of these models allow to use fast and complete arithmetic which is especially convenient in fast implementations that are side-channel attacks resistant. Montgomery, Edwards and twisted Edwards curves have always order of group of rational points divisible by 4. Huff's curves have always order of rational points divisible by 8. Moreover, sometimes to get fast and efficient implementations one can choose elliptic curve with even bigger cofactor, for example 16. Of course the bigger cofactor is, the smaller is the security of cryptosystem which uses such elliptic curve. In this article will be checked what influence on the security has form of cofactor of elliptic curve and will be showed that in some situations elliptic curves with cofactor divisible by $2^m$ are vulnerable for combined small subgroups and side-channel attacks

SIDH hybrid schemes with a classical component based on the discrete logarithm problem over finite field extension

The concept of a hybrid scheme with connection of SIDH and ECDH is nowadays very popular. In hardware implementations it is convenient to use a classical key exchange algorithm, which is based on the same finite field as SIDH. Most frequently used hybrid scheme is SIDH-ECDH. On the other hand, using the same field as in SIDH, one can construct schemes over \Fpn, like Diffie-Hellman or XTR scheme, whose security is based on the discrete logarithm problem. In this paper, idea of such schemes will be presented. The security of schemes, which are based on the discrete logarithm problem over fields \Fp, \Fpd, \Fpc, \Fps and \Fpo, for primes $p$ used in SIDH, will be analyzed. At the end, the propositions of practical applications of these schemes will be presented

Arithmetic using compression on elliptic curves in Huff's form and its applications

In this paper for elliptic curves provided by Huff's equation $H_{a,b}: ax(y^2-1) = by(x^2-1)$ and general Huff's equation $G_{\overline{a},\overline{b}}\ :\ {\overline{x}}(\overline{a}{\overline{y}}^2-1)={\overline{y}}(\overline{b}{\overline{x}}^2-1)$ and degree 2 compression function $f(x,y) = xy$ on these curves, herein we provide formulas for doubling and differential addition after compression, which for Huff's curves are as efficient as Montgomery's formulas for Montgomery's curves $By^2 = x^3 + Ax^2 + x$. For these curves we also provided point recovery formulas after compression, which for a point $P$ on these curves allows to compute $[n]f(P)$ after compression using the Montgomery ladder algorithm, and then recover $[n]P$. Using formulas of Moody and Shumow for computing odd degree isogenies on general Huff's curves, we have also provide formulas for computing odd degree isogenies after compression for these curves.Moreover, it is shown herein how to apply obtained formulas using compression to the ECM algorithm. In the appendix, we present examples of Huff's curves convenient for the isogeny-based cryptography, where compression can be used

The significant impact of age on the clinical outcomes of laparoscopic appendectomy : results from the Polish Laparoscopic Appendectomy multicenter large cohort study

Acute appendicitis (AA) is the most common surgical emergency and can occur at any age. Nearly all of the studies comparing outcomes of appendectomy between younger and older patients set cut-off point at 65 years. In this multicenter observational study, we aimed to compare laparoscopic appendectomy for AA in various groups of patients with particular interest in the elderly and very elderly in comparison to younger adults. Our multicenter observational study of 18 surgical units assessed the outcomes of 4618 laparoscopic appendectomies for AA. Patients were divided in 4 groups according to their age: Group 1- 8 days. Logistic regression models comparing perioperative results of each of the 3 oldest groups compared with the youngest one showed significant differences in odds ratios of symptoms lasting >48hours, presence of complicated appendicitis, perioperative morbidity, conversion rate, prolonged LOS (>8 days). The findings of this study confirm that the outcomes of laparoscopic approach to AA in different age groups are not the same regarding outcomes and the clinical picture. Older patients are at high risk both in the preoperative, intraoperative, and postoperative period. The differences are visible already at the age of 40 years old. Since delayed diagnosis and postponed surgery result in the development of complicated appendicitis, more effort should be placed in improving treatment patterns for the elderly and their clinical outcome

Risk factors for serious morbidity, prolonged length of stay and hospital readmission after laparoscopic appendectomy : results from Pol-LA (Polish Laparoscopic Appendectomy) multicenter large cohort study

Laparoscopic appendectomy (LA) for treatment of acute appendicitis has gained acceptance with its considerable benefits over open appendectomy. LA, however, can involve some adverse outcomes: morbidity, prolonged length of hospital stay (LOS) and hospital readmission. Identification of predictive factors may help to identify and tailor treatment for patients with higher risk of these adverse events. Our aim was to identify risk factors for serious morbidity, prolonged LOS and hospital readmission after LA. A database compiled information of patients admitted for acute appendicitis from eighteen Polish and German surgical centers. It included factors related to the patient characteristics, peri- and postoperative period. Univariate and multivariate logistic regression models were used to identify risk factors for serious perioperative complications, prolonged LOS, and hospital readmissions in acute appendicitis cases. 4618 laparoscopic appendectomy patients were included. First, although several risk factors for serious perioperative complications (C-D III-V) were found in the univariate analysis, in the multivariate model only the presence of intraoperative adverse events (OR 4.09, 95% CI 1.32-12.65, p = 0.014) and complicated appendicitis (OR 3.63, 95% CI 1.74-7.61, p = 0.001) was statistically significant. Second, prolonged LOS was associated with the presence of complicated appendicitis (OR 2.8, 95%CI: 1.53-5.12, p = 0.001), postoperative morbidity (OR 5.01, 95% CI: 2.33-10.75, p < 0.001), conversions (OR 6.48, 95% CI: 3.48-12.08, p < 0.001) and reinterventions after primary procedure (OR 8.79, 95% CI: 3.2-24.14, p < 0.001) in the multivariate model. Third, although several risk factors for hospital readmissions were found in univariate analysis, in the multivariate model only the presence of postoperative complications (OR 10.33, 95% CI: 4.27-25.00), reintervention after primary procedure (OR 5.62, 95% CI: 2.17-14.54), and LA performed by resident (OR 1.96, 95%CI: 1.03-3.70) remained significant. Laparoscopic appendectomy is a safe procedure associated with low rates of complications, prolonged LOS, and readmissions. Risk factors for these adverse events include complicated appendicitis, postoperative morbidity, conversion, and re-intervention after the primary procedure. Any occurrence of these factors during treatment should alert the healthcare team to identify the patients that require more customized treatment to minimize the risk for adverse outcomes

Optimal strategies for computation of degree ℓn\ell^n isogenies for SIDH

This article presents methods and algorithms for the computation of isogenies of degree $\ell^n$. Some of these methods are obtained using recurrence equations and generating functions. A standard multiplication based algorithm for computation of isogeny of degree $\ell^n$ has time complexity equal to $O(n^2 M \left(n \log{n} \right) )$, where $M(N)$ denotes the cost of integers of size $N$ multiplication. The memory complexity of this algorithm is equal to $O\left( n \log{\left( n \log{(n)} \right)} \right)$. In this article are presented algorithms for:\begin{itemize}\item determination of optimal strategy for computation of degree $\ell^n$ isogeny,\item determination of cost of optimal strategy of computation of $\ell^n$ isogeny using solutions of recurrence equations,\item determination of cost of optimal strategy of computation of $\ell^n$ isogeny using recurrence equations,\end{itemize}where optimality in this context means that, for the given parameters, no other strategy exists that requires fewer operations for faster computation of isogeny. Also this article presents a method using generating functions for obtaining the solutions of sequences $\left( u_m \right)$ and $\left( c_m \right)$ where $c_m$ denotes the cost of computations of isogeny of degree $\ell^{u_m}$ computations for given costs $p,q$ of $\ell$-isogeny computation and $\ell$-isogeny evaluation. These solutions are also used in the construction of the algorithms presented in this article

Multivariate Chemometric Comparison of Forced Degradation and Electrochemical Oxidation LC–MS Profiles of Maraviroc

In this study, nine forced degradation products of maraviroc were found using chemometric analysis. This antiretroviral drug was subjected to photolytic, oxidative, as well as neutral, basic and acidic hydrolysis stress conditions. Additionally, its electrochemical transformation on platinum, gold and glassy carbon screen-printed electrodes was examined. This study showed that maraviroc is especially susceptible to UVA, H2O2 and electrochemical degradation, while being resistant to neutral and acidic hydrolysis. A cluster analysis showed that the electrochemical transformation, with particular reference to the platinum electrode, is able to partially simulate the forced degradation processes, especially in the context of redox reactions. These findings indicate that the electrochemical methods can be considered as quick and relatively low-cost supplements to the commonly applied forced degradation procedures

Identification of the New Metabolite of Nebivolol Using Liquid Chromatography Coupled with High-Resolution Mass Spectrometry and Chemometrics

In this study, the phase I hepatic metabolism pathway of a cardiovascular drug nebivolol was proposed on the basis of a human liver microsomes assay with the use of LC-HR-MS coupled with the chemometric method. Six biotransformation products were found with the assistance of chemometric analysis. Five of them were identified as the previously reported products of alicyclic hydroxylation and dihydroxylation, aromatic hydroxylation, as well as alicyclic oxidation of the parent compound. Moreover, one metabolite, not reported so far, was found to be a product of N-dealkylation of nebivolol&mdash;2-amino-1-(6-fluoro-3,4-dihydro-2H-1-benzopyran-2-yl)ethan-1-ol. The novel metabolite was submitted to an in silico toxicity analysis to assess its biological properties. The applied computational methods indicated a significantly elevated risk of its mutagenic activity, compared to the parent molecule. Several metabolites of the nebivolol described in the literature were not detected in this study, indicating their non-hepatic origin