
    LLTI: Low-Latency Threshold Implementations

    With the enormous increase in portable cryptographic devices, physical attacks are becoming similarly popular. One of the most common physical attacks is Side-Channel Analysis (SCA), extremely dangerous due to its non-invasive nature. Threshold Implementations (TI) was proposed as the first countermeasure to provide provable security in masked hardware implementations. While most works on hardware masking are focused on optimizing the area requirements, with the newer and smaller technologies area is taking a backseat, and low latency is gaining importance. In this work, we revisit the scheme proposed by Arribas et al. in TCHES 2018 to secure unrolled implementations. We formalize and expand this methodology to devise a masking scheme, derived from TI, designed to secure hardware implementations optimized for latency, named Low-Latency Threshold Implementations (LLTI). By applying the distributive property and leveraging a divide-and-conquer strategy, we split a non-linear operation into layers which are masked separately. The result is a more efficient scheme than the former TI for any operation of algebraic degree greater than two, achieving great optimizations both in terms of speed and area. We compare the performance of first-order LLTI with first-order TI in securing a cubic gate and a degree-7 AND gate without using any registers in between. We achieve a 137% increase in maximum frequency and a 60% reduction in area for the cubic gate, and a 3131 times reduction in area in the case of a degree-7 AND gate compared to TI. To further illustrate the power of our scheme we take a low-latency PRINCE implementation from the literature and, by simply changing the secure S-box with the LLTI version, we achieve a 46% max. frequency improvement and a 38% area reduction. Moreover, we apply LLTI to secure a low-latency AES implementation and compare it with the TI version, achieving a 6.9 times max. frequency increase and a 47.2% area reduction.

    Guards in Action: First-Order SCA Secure Implementations of Ketje without Additional Randomness

    Recently the CAESAR competition has announced several finalists among the submitted authenticated encryption algorithms, after an open selection process during the last 5 years. Applications using these algorithms are rapidly increasing today. Devices implementing these applications are enormously susceptible to physical attacks, which are able to retrieve secret data through side-channel information such as the power consumption or the electromagnetic radiation. In this work we present a Side-Channel Analysis resistant hardware implementation of the whole family of authenticated encryption schemes KETJE. By changing just one parameter, any of the KETJE designs can be obtained and tailored for different applications, either lightweight or high throughput. We introduce a new protected KECCAK implementation, as well as unprotected and protected KETJE implementations, which allow both encryption and decryption modes in the same module. In order to secure these implementations we make use of the masking scheme known as Threshold Implementations and complement it with the technique of “Changing of the Guards”, achieving a first-order Side-Channel Analysis protected implementation with zero extra randomness needed. This way, no dedicated PRNG needs to be additionally implemented, avoiding issues such as the security of the PRNG itself or the quality of the randomness.

    VerMI: Verification Tool for Masked Implementations

    Masking is a widely used countermeasure against Side-Channel Attacks (SCA), but the implementation of these countermeasures is challenging. Experimental security evaluation requires special equipment, a considerable amount of time and extensive technical knowledge. So, to automate and to speed up this process, a formal verification can be performed to assess the security of a design. Multiple theoretical approaches and verification tools have been proposed in the literature. The majority of them are tailored for software implementations and are not applicable to hardware, since they do not take glitches into account. Existing hardware verification tools are limited either to combinational logic or to small designs due to the computational resources needed. In this work we present VerMI, a verification tool in the form of a logic simulator that checks the properties defined in Threshold Implementations to address the security of a hardware implementation for meaningful orders of security. The tool is designed so that any masking scheme can be evaluated. It accepts combinational and sequential logic and is able to analyze an entire cipher in a short time. With the tool we have managed to spot a flaw in the round-based Keccak implementation by Gross et al., published in DSD 2017.

    Cryptographic Fault Diagnosis using VerFI

    Historically, fault diagnosis for integrated circuits has dealt solely with reliability concerns. In contrast, a cryptographic circuit needs to be primarily evaluated concerning information leakage in the presence of maliciously crafted faults. While Differential Fault Attacks (DFAs) on symmetric ciphers have been known for over 20 years, recent developments have tried to structurally classify the attackers’ capabilities as well as the properties of countermeasures. Correct realization of countermeasures still has to be verified manually, which is error-prone and infeasible for even moderate-size real-world designs. Here, we introduce the concept of Cryptographic Fault Diagnosis, which revises and shapes the notions of fault diagnosis in reliability testing to the needs of evaluating cryptographic implementations. Additionally, we present VerFI, which materializes the idea of Cryptographic Fault Diagnosis. It is a fully automated, open-source fault detection tool processing the gate-level representation of arbitrary cryptographic implementations. By adjusting the bounds of the underlying adversary model, VerFI allows us to rapidly examine the desired fault detection/correction capabilities of the given implementation. Among several case studies, we demonstrate its application on an implementation of the LED cipher with combined countermeasures against side-channel analysis and fault-injection attacks (published at CRYPTO 2016). This experiment revealed general implementation flaws and undetectable faults leading to a successful DFA on the protected design with full-key recovery.

    Measurement of the chromatic dispersion of a ring cavity for a fibre-optic laser based on parametric amplification.

    In this work an experimental setup will be built, similar to the one that would be needed to achieve laser action based on the parametric amplification that occurs in a highly nonlinear fibre (HNLF). This setup will consist of a fibre ring containing a sample of HNLF, which generates a supercontinuum spectrum when pumped by a train of pulses from an erbium-doped fibre laser that is pulsed by mode-locking. In addition, it must be possible to modify the ring length in order to achieve temporal coincidence between the pump pulses and the supercontinuum pulses. For this purpose the ring will include a pair of GRIN collimators facing each other, which can be separated in a controlled manner by means of a motorized translation stage, thereby changing the ring length. The group refractive index as a function of wavelength (chromatic dispersion) will also be determined for the HNLF and for the complete ring, for which it will be necessary to experimentally characterize the differences in time of flight between the pump pulses and the supercontinuum pulses after one round trip of the ring. Finally, it will be analysed how these temporal differences could be compensated so that the two types of pulse coincide in time at the input of the HNLF and parametric amplification can be achieved.

    Medical students maintain their humanistic and patient‑centred vocation throughout Medicine Degree in Spain: a study based on narratives

    Narrative medicine has great educational potential in the degree of medicine. This study explores for the first time the use of narrative medicine in relation to the longitudinal evolution of medical vocation for the same group of students. In the context of the Degree in Medicine at the Universidad Autónoma de Madrid (Spain), students wrote narratives about what it meant to them to be a doctor at the beginning and end of their studies. The narratives of 338 students of the academic years 2012/13–2017/18 and 2013/14–2018/19 were analysed and compared. Students mostly pursued a degree in medicine on account of humanistic motivations, which are reinforced throughout their degree. In contrast, up to 10% of students report having experienced vocational crises and suffered frustration, with up to 25% of the references pertaining to having made significant sacrifices. Students maintain and evolve their humanistic, patient-centred vision throughout their degree studies, despite the difficulties they appear to encounter. We suggest that efforts must be made to include more humanistic perspectives in the medical degree to keep this trend, which may improve both the educational experience created in universities and the health care given to patients.

    Siesta: Recent developments and applications

    A review of the present status, recent enhancements, and applicability of the SIESTA program is presented. Since its debut in the mid-1990s, SIESTA’s flexibility, efficiency, and free distribution have given advanced materials simulation capabilities to many groups worldwide. The core methodological scheme of SIESTA combines finite-support pseudo-atomic orbitals as basis sets, norm-conserving pseudopotentials, and a real-space grid for the representation of charge density and potentials and the computation of their associated matrix elements. Here, we describe the more recent implementations on top of that core scheme, which include full spin–orbit interaction, non-repeated and multiple-contact ballistic electron transport, density functional theory (DFT)+U and hybrid functionals, time-dependent DFT, novel reduced-scaling solvers, density-functional perturbation theory, efficient van der Waals non-local density functionals, and enhanced molecular-dynamics options. In addition, a substantial effort has been made in enhancing interoperability and interfacing with other codes and utilities, such as WANNIER90 and the second-principles modeling it can be used for, an AiiDA plugin for workflow automation, an interface to Lua for steering SIESTA runs, and various post-processing utilities. SIESTA has also been engaged in the Electronic Structure Library effort from its inception, which has allowed the sharing of various low-level libraries, as well as data standards and support for them, particularly the PSeudopotential Markup Language definition and library for transferable pseudopotentials, and the interface to the ELectronic Structure Infrastructure library of solvers. Code sharing is made easier by the new open-source licensing model of the program. This review also presents examples of application of the capabilities of the code, as well as a view of on-going and future developments.

    Published under license by AIP Publishing.

    Siesta development was historically supported by different Spanish National Plan projects (Project Nos. MEC-DGES-PB95-0202, MCyT-BFM2000-1312, MEC-BFM2003-03372, FIS2006-12117, FIS2009-12721, FIS2012-37549, FIS2015-64886-P, and RTC-2016-5681-7), the latter one together with Simune Atomistics Ltd. We are thankful for financial support from the Spanish Ministry of Science, Innovation and Universities through Grant No. PGC2018-096955-B. We acknowledge the Severo Ochoa Center of Excellence Program [Grant Nos. SEV-2015-0496 (ICMAB) and SEV-2017-0706 (ICN2)], the GenCat (Grant No. 2017SGR1506), and the European Union MaX Center of Excellence (EU-H2020 Grant No. 824143). P.G.-F. acknowledges support from Ramón y Cajal (Grant No. RyC-2013-12515). J.I.C. acknowledges Grant No. RTI2018-097895-B-C41. R.C. acknowledges the European Union’s Horizon 2020 Research and Innovation Program under Marie Skłodowska-Curie Grant Agreement No. 665919. D.S.P., P.K., and P.B. acknowledge Grant No. MAT2016-78293-C6, FET-Open No. 863098, and UPV-EHU Grant No. IT1246-19. V. W. Yu was supported by a MolSSI Fellowship (U.S. NSF Award No. 1547580), and V.B. and V.W.Y. were supported by the ELSI Development by the NSF (Award No. 1450280). We also acknowledge Honghui Shang and Xinming Qin for giving us access to the honpas code, where a preliminary version of the hybrid functional support described here was implemented. We are indebted to other contributors to the Siesta project whose names can be seen in the Docs/Contributors.txt file of the Siesta distribution, and we thank those, too many to list, contributing fixes, comments, clarifications, and documentation for the code.

    Peer reviewed.

    Gardens for Health (Jardins per a la salut)

    Faculty of Pharmacy, Universitat de Barcelona. Programme: Degree in Pharmacy. Course: Pharmaceutical Botany. Academic year: 2014-2015. Coordinators: Joan Simon, Cèsar Blanché and Maria Bosch. The materials presented here are the collection of botanical fact sheets for the 128 species present in the Jardí Ferran Soldevila of the Historic Building of the UB. The work was carried out individually by the students of groups M-3 and T-1 of the Pharmaceutical Botany course during the months of February to May of the 2014-15 academic year, as the final result of the Teaching Innovation Project «Jardins per a la salut: aprenentatge servei a Botànica farmacèutica» (Gardens for health: service learning in Pharmaceutical Botany) (code 2014PID-UB/054). All the work was done through the GoogleDocs platform and was supervised by the course's teaching staff. The main objective of the activity was to promote autonomous and collaborative learning in Pharmaceutical Botany. It was also intended to motivate students by returning part of their effort to society through a Service-Learning experience, finally making the students' work available for consultation through a public website, with the possibility of doing so on-site in the garden itself using QR codes and a smartphone.

    Post-intervention Status in Patients With Refractory Myasthenia Gravis Treated With Eculizumab During REGAIN and Its Open-Label Extension

    OBJECTIVE: To evaluate whether eculizumab helps patients with anti-acetylcholine receptor-positive (AChR+) refractory generalized myasthenia gravis (gMG) achieve the Myasthenia Gravis Foundation of America (MGFA) post-intervention status of minimal manifestations (MM), we assessed patients' status throughout REGAIN (Safety and Efficacy of Eculizumab in AChR+ Refractory Generalized Myasthenia Gravis) and its open-label extension. METHODS: Patients who completed the REGAIN randomized controlled trial and continued into the open-label extension were included in this tertiary endpoint analysis. Patients were assessed for the MGFA post-intervention status of improved, unchanged, worse, MM, and pharmacologic remission at defined time points during REGAIN and through week 130 of the open-label study. RESULTS: A total of 117 patients completed REGAIN and continued into the open-label study (eculizumab/eculizumab: 56; placebo/eculizumab: 61). At week 26 of REGAIN, more eculizumab-treated patients than placebo-treated patients achieved a status of improved (60.7% vs 41.7%) or MM (25.0% vs 13.3%; common OR: 2.3; 95% CI: 1.1-4.5). After 130 weeks of eculizumab treatment, 88.0% of patients achieved improved status and 57.3% of patients achieved MM status. The safety profile of eculizumab was consistent with its known profile and no new safety signals were detected. CONCLUSION: Eculizumab led to rapid and sustained achievement of MM in patients with AChR+ refractory gMG. These findings support the use of eculizumab in this previously difficult-to-treat patient population. CLINICALTRIALS.GOV IDENTIFIER: REGAIN, NCT01997229; REGAIN open-label extension, NCT02301624. CLASSIFICATION OF EVIDENCE: This study provides Class II evidence that, after 26 weeks of eculizumab treatment, 25.0% of adults with AChR+ refractory gMG achieved MM, compared with 13.3% who received placebo.