Low-Weight Primes for Lightweight Elliptic Curve Cryptography on 8-bit AVR Processors

Small 8-bit RISC processors and micro-controllers based on the AVR instruction set architecture are widely used in the embedded domain with applications ranging from smartcards over control systems to wireless sensor nodes. Many of these applications require asymmetric encryption or authentication, which has spurred a body of research into implementation aspects of Elliptic Curve Cryptography (ECC) on the AVR platform. In this paper, we study the suitability of a special class of finite fields, the so-called Optimal Prime Fields (OPFs), for a "lightweight" implementation of ECC with a view towards high performance and security. An OPF is a finite field Fp defined by a prime of the form p = u*2^k + v, whereby both u and v are "small" (in relation to 2^k) so that they fit into one or two registers of an AVR processor. OPFs have a low Hamming weight, which allows for a very efficient implementation of the modular reduction since only the non-zero words of p need to be processed. We describe a special variant of Montgomery multiplication for OPFs that does not execute any input-dependent conditional statements (e.g. branch instructions) and is, hence, resistant against certain side-channel attacks. When executed on an Atmel ATmega processor, a multiplication in a 160-bit OPF takes just 3237 cycles, which compares favorably with other implementations of 160-bit modular multiplication on an 8-bit processor. We also describe a performance-optimized and a security-optimized implementation of elliptic curve scalar multiplication over OPFs. The former uses a GLV curve and executes in 4.19M cycles (over a 160-bit OPF), while the latter is based on a Montgomery curve and has an execution time of approximately 5.93M cycles. Both results improve the state-of-the-art in lightweight ECC on 8-bit processors

Quantum resource estimates for computing elliptic curve discrete logarithms

We give precise quantum resource estimates for Shor's algorithm to compute discrete logarithms on elliptic curves over prime fields. The estimates are derived from a simulation of a Toffoli gate network for controlled elliptic curve point addition, implemented within the framework of the quantum computing software tool suite LIQ$Ui|\rangle$. We determine circuit implementations for reversible modular arithmetic, including modular addition, multiplication and inversion, as well as reversible elliptic curve point addition. We conclude that elliptic curve discrete logarithms on an elliptic curve defined over an $n$-bit prime field can be computed on a quantum computer with at most $9n + 2\lceil\log_2(n)\rceil+10$ qubits using a quantum circuit of at most $448 n^3 \log_2(n) + 4090 n^3$ Toffoli gates. We are able to classically simulate the Toffoli networks corresponding to the controlled elliptic curve point addition as the core piece of Shor's algorithm for the NIST standard curves P-192, P-224, P-256, P-384 and P-521. Our approach allows gate-level comparisons to recent resource estimates for Shor's factoring algorithm. The results also support estimates given earlier by Proos and Zalka and indicate that, for current parameters at comparable classical security levels, the number of qubits required to tackle elliptic curves is less than for attacking RSA, suggesting that indeed ECC is an easier target than RSA.Comment: 24 pages, 2 tables, 11 figures. v2: typos fixed and reference added. ASIACRYPT 201

Characterization and Comparison of 2 Distinct Epidemic Community-Associated Methicillin-Resistant Staphylococcus aureus Clones of ST59 Lineage.

Sequence type (ST) 59 is an epidemic lineage of community-associated (CA) methicillin-resistant Staphylococcus aureus (MRSA) isolates. Taiwanese CA-MRSA isolates belong to ST59 and can be grouped into 2 distinct clones, a virulent Taiwan clone and a commensal Asian-Pacific clone. The Taiwan clone carries the Panton-Valentine leukocidin (PVL) genes and the staphylococcal chromosomal cassette mec (SCCmec) VT, and is frequently isolated from patients with severe disease. The Asian-Pacific clone is PVL-negative, carries SCCmec IV, and a frequent colonizer of healthy children. Isolates of both clones were characterized by their ability to adhere to respiratory A549 cells, cytotoxicity to human neutrophils, and nasal colonization of a murine and murine sepsis models. Genome variation was determined by polymerase chain reaction of selected virulence factors and by multi-strain whole genome microarray. Additionally, the expression of selected factors was compared between the 2 clones. The Taiwan clone showed a much higher cytotoxicity to the human neutrophils and caused more severe septic infections with a high mortality rate in the murine model. The clones were indistinguishable in their adhesion to A549 cells and persistence of murine nasal colonization. The microarray data revealed that the Taiwan clone had lost the ø3-prophage that integrates into the β-hemolysin gene and includes staphylokinase- and enterotoxin P-encoding genes, but had retained the genes for human immune evasion, scn and chps. Production of the virulence factors did not differ significantly in the 2 clonal groups, although more α-toxin was expressed in Taiwan clone isolates from pneumonia patients. In conclusion, the Taiwan CA-MRSA clone was distinguished by enhanced virulence in both humans and an animal infection model. The evolutionary acquisition of PVL, the higher expression of α-toxin, and possibly the loss of a large portion of the β-hemolysin-converting prophage likely contribute to its higher pathogenic potential than the Asian-Pacific clone

TRY plant trait database - enhanced coverage and open access

Plant traits-the morphological, anatomical, physiological, biochemical and phenological characteristics of plants-determine how plants respond to environmental factors, affect other trophic levels, and influence ecosystem properties and their benefits and detriments to people. Plant trait data thus represent the basis for a vast area of research spanning from evolutionary biology, community and functional ecology, to biodiversity conservation, ecosystem and landscape management, restoration, biogeography and earth system modelling. Since its foundation in 2007, the TRY database of plant traits has grown continuously. It now provides unprecedented data coverage under an open access data policy and is the main plant trait database used by the research community worldwide. Increasingly, the TRY database also supports new frontiers of trait-based plant research, including the identification of data gaps and the subsequent mobilization or measurement of new data. To support this development, in this article we evaluate the extent of the trait data compiled in TRY and analyse emerging patterns of data coverage and representativeness. Best species coverage is achieved for categorical traits-almost complete coverage for 'plant growth form'. However, most traits relevant for ecology and vegetation modelling are characterized by continuous intraspecific variation and trait-environmental relationships. These traits have to be measured on individual plants in their respective environment. Despite unprecedented data coverage, we observe a humbling lack of completeness and representativeness of these continuous traits in many aspects. We, therefore, conclude that reducing data gaps and biases in the TRY database remains a key challenge and requires a coordinated approach to data mobilization and trait measurements. This can only be achieved in collaboration with other initiatives

Methods to study splicing from high-throughput RNA Sequencing data

The development of novel high-throughput sequencing (HTS) methods for RNA (RNA-Seq) has provided a very powerful mean to study splicing under multiple conditions at unprecedented depth. However, the complexity of the information to be analyzed has turned this into a challenging task. In the last few years, a plethora of tools have been developed, allowing researchers to process RNA-Seq data to study the expression of isoforms and splicing events, and their relative changes under different conditions. We provide an overview of the methods available to study splicing from short RNA-Seq data. We group the methods according to the different questions they address: 1) Assignment of the sequencing reads to their likely gene of origin. This is addressed by methods that map reads to the genome and/or to the available gene annotations. 2) Recovering the sequence of splicing events and isoforms. This is addressed by transcript reconstruction and de novo assembly methods. 3) Quantification of events and isoforms. Either after reconstructing transcripts or using an annotation, many methods estimate the expression level or the relative usage of isoforms and/or events. 4) Providing an isoform or event view of differential splicing or expression. These include methods that compare relative event/isoform abundance or isoform expression across two or more conditions. 5) Visualizing splicing regulation. Various tools facilitate the visualization of the RNA-Seq data in the context of alternative splicing. In this review, we do not describe the specific mathematical models behind each method. Our aim is rather to provide an overview that could serve as an entry point for users who need to decide on a suitable tool for a specific analysis. We also attempt to propose a classification of the tools according to the operations they do, to facilitate the comparison and choice of methods.Comment: 31 pages, 1 figure, 9 tables. Small corrections adde

The provision of NHS health checks in a community setting: an ethnographic account

Background: The UK National Health Service Health Checks programme aims to reduce avoidable cardiovascular deaths, disability and health inequalities in England. However, due to the reported lower uptake of screening in specific black and minority ethnic communities who are recognised as being more at risk of cardiovascular disease, there are concerns that NHS Health Checks may increase inequalities in health. This study aimed to examine the feasibility and acceptability of community outreach NHS Health Checks targeted at the Afro-Caribbean community. Methods: This paper reports findings from an ethnographic study including direct observation of four outreach events in four different community venues in inner-city Bristol, England and follow up semi-structured interviews with attendees (n = 16) and staff (n = 4). Interviews and field notes were transcribed, anonymized and analysed thematically using a process of constant comparison. Results: Analysis revealed the value of community assets (community engagement workers, churches, and community centres) to publicise the event and engage community members. People were motivated to attend for preventative reasons, often prompted by familial experience of cardiovascular disease. Attendees valued outreach NHS Health Checks, reinforcing or prompting some to make healthy lifestyle changes. The NHS Health Check provided an opportunity for attendees to raise other health concerns with health staff and to discuss their test results with peers. For some participants, the communication of test results, risk and lifestyle information was confusing and unwelcome. The findings additionally highlight the need to ensure community venues are fit for purpose in terms of assuring confidentiality. Conclusions: Outreach events provide evidence of how local health partnerships (family practice staff and health trainers) and community assets, including informal networks, can enhance the delivery of outreach NHS Health Checks and in promoting the health of targeted communities. To deliver NHS Health Checks effectively, the location and timing of events needs to be carefully considered and staff need to be provided with the appropriate training to ensure patients are supported and enabled to make lifestyle changes

Response perseveration and ventral prefrontal sensitivity to reward and punishment in male problem gamblers and smokers

Pathological gambling (PG) is associated with maladaptive perseverative behavior, but the underlying mechanism and neural circuitry is not completely clear. Here, the hypothesis was tested that PG is characterized by response perseveration and abnormalities in reward and/or punishment sensitivity in the ventral frontostriatal circuit. Executive functioning was assessed to verify if these effects are independent of the dorsal frontostriatal circuit. A group of smokers was also included to examine whether impairments in PG generalize to substance use disorders. Response perseveration and reward/punishment sensitivity were measured with a probabilistic reversal-learning task, in which subjects could win and lose money. Executive functioning was measured with a planning task, the Tower of London. Performance and fMRI data were acquired in 19 problem gamblers, 19 smokers, and 19 healthy controls. Problem gamblers showed severe response perseveration, associated with reduced activation of right ventrolateral prefrontal cortex in response to both monetary gain and loss. Results did not fully generalize to smokers. Planning performance and related activation of the dorsal frontostriatal circuit were intact in both problem gamblers and smokers. PG is related to response perseveration and diminished reward and punishment sensitivity as indicated by hypoactivation of the ventrolateral prefrontal cortex when money is gained and lost. Moreover, intact planning abilities and normal dorsal frontostriatal responsiveness indicate that this deficit is not due to impaired executive functioning. Response perseveration and ventral prefrontal hyporesponsiveness to monetary loss may be markers for maladaptive behavior seen in chemical and nonchemical addictions. © 2009 Nature Publishing Group All rights reserved

A New Encoding Algorithm for a Multidimensional Version of the Montgomery Ladder

We propose a new encoding algorithm for the simultaneous differential multidimensional scalar point multiplication algorithm $d$-MUL. Previous encoding algorithms are known to have major drawbacks in their efficient and secure implementation. Some of these drawbacks have been avoided in a recent paper in 2018 at a cost of losing the general functionality of the point multiplication algorithm. In this paper, we address these issues. Our new encoding algorithm takes the binary representations of scalars as input, and constructs a compact binary sequence and a permutation, which explicitly determines a regular sequence of group operations to be performed in $d$-MUL. Our algorithm simply slides windows of size two over the scalars and it is very efficient. As a result, while preserving the full generality of $d$-MUL, we successfully eliminate the recursive integer matrix computations in the originally proposed encoding algorithms. We also expect that our new encoding algorithm will make it easier to implement $d$-MUL in constant time. Our results can be seen as the efficient and full generalization of the one dimensional Montgomery ladder to arbitrary dimension

A922 Sequential measurement of 1 hour creatinine clearance (1-CRCL) in critically ill patients at risk of acute kidney injury (AKI)

Meeting abstrac