@article{2071,
  abstract     = {The X or Z chromosome has several characteristics that distinguish it from the autosomes, namely hemizygosity in the heterogametic sex, and a potentially different effective population size, both of which may influence the rate and nature of evolution. In particular, there may be an accelerated rate of adaptive change for X-linked compared to autosomal coding sequences, often referred to as the Faster-X effect. Empirical studies have indicated that the strength of Faster-X evolution varies among different species, and theoretical treatments have shown that demography and mating system can substantially affect the degree of Faster-X evolution. Here we integrate genomic data on Faster-X evolution from a variety of animals with the demographic factors, mating system, and sex chromosome regulatory characteristics that may influence it. Our results suggest that differences in effective population size and mechanisms of dosage compensation may influence the perceived extent of Faster-X evolution, and help to explain several clade-specific patterns that we observe.},
  author       = {Mank, Judith E and Beatriz Vicoso and Berlin, Sofia and Charlesworth, Brian},
  journal      = {Evolution},
  number       = {3},
  pages        = {663 -- 674},
  publisher    = {Wiley-Blackwell},
  title        = {{Effective population size and the Faster-X effect: Empirical results and their interpretation}},
  doi          = {10.1111/j.1558-5646.2009.00853.x},
  volume       = {64},
  year         = {2010},
}

@phdthesis{2075,
  abstract     = {This thesis investigates the combination of data-driven and physically based techniques for acquiring, modeling, and animating deformable materials, with a special focus on human faces. Furthermore, based on these techniques, we introduce a data-driven process for designing and fabricating materials with desired deformation behavior. 
Realistic simulation behavior, surface details, and appearance are still demanding tasks. Neither pure data-driven, pure procedural, nor pure physical methods are best suited for accurate synthesis of facial motion and details (both for appearance and geometry), due to the difficulties in model design, parameter estimation, and desired controllability for animators. Capturing of a small but representative amount of real data, and then synthesizing diverse on-demand examples with physically-based models and real data as input benefits from both sides: Highly realistic model behavior due to real-world data and controllability due to physically-based models.
To model the face and its behavior, hybrid physically-based and data-driven approaches are elaborated. We investigate surface-based representations as well as a solid representation based on FEM. To achieve realistic behavior, we propose to build light-weighted data capture devices to acquire real-world data to estimate model parameters and to employ concepts from data-driven modeling techniques and machine learning. The resulting models support simple acquisition systems, offer techniques to process and extract model parameters from real-world data, provide a compact representation of the facial geometry and its motion, and allow intuitive editing. We demonstrate applications such as capture of facial geometry and motion and real-time animation and transfer of facial details, and show that our soft tissue model can react to external forces and produce realistic deformations beyond facial expressions.
Based on this model, we furthermore introduce a data-driven process for designing and fabricating materials with desired deformation behavior. The process starts with measuring deformation properties of base materials. Each material is represented as a non-linear stress-strain relationship in a finite-element model. For material design and fabrication, we introduce an optimization process that finds the best combination of base materials that meets a user’s criteria specified by example deformations. Our algorithm employs a number of strategies to prune poor solutions from the combinatorial search space. We finally demonstrate the complete process by designing and fabricating objects with complex heterogeneous materials using modern multi-material 3D printers.
},
  author       = {Bernd Bickel},
  booktitle    = {Unknown},
  number       = {7458},
  publisher    = {Unknown},
  title        = {{Measurement-based modeling and fabrication of deformable materials for human faces}},
  doi          = {dx.doi.org/10.3929/ethz-a-006354908},
  volume       = {499},
  year         = {2010},
}

@article{10127,
  abstract     = {We use numerical simulations to show how noninteracting hard particles binding to a deformable elastic shell may self-assemble into a variety of linear patterns. This is a result of the nontrivial elastic response to deformations of shells. The morphology of the patterns can be controlled by the mechanical properties of the surface, and can be fine-tuned by varying the binding energy of the particles. We also repeat our calculations for a fully flexible chain and find that the chain conformations follow patterns similar to those formed by the nanoparticles under analogous conditions. We propose a simple way of understanding and sorting the different structures and relate it to the underlying shape transition of the shell. Finally, we discuss the implications of our results.},
  author       = {Šarić, Anđela and Cacciuto, Angelo},
  issn         = {1744-683X},
  journal      = {Soft Matter},
  keywords     = {condensed matter physics, general chemistry},
  number       = {5},
  pages        = {1874--1878},
  publisher    = {Royal Society of Chemistry (RSC)},
  title        = {{Particle self-assembly on soft elastic shells}},
  doi          = {10.1039/c0sm01143f},
  volume       = {7},
  year         = {2010},
}

@article{10128,
  abstract     = {An extensive computational study of the conformational preferences of three capped dipeptides: Ac-Xxx-Phe-NH2, Xxx = Gly, Ala, Val is reported. On the basis of local second-order Møller–Plesset perturbation theory (LMP2) and DFT computations we were able to identify the experimentally observed conformers as γL–γL(g−) and β-turn I(g+) in Ac-Gly-Phe-NH2, and Ac-Ala-Phe-NH2, and as the closely related γL(g+)–γL(g−) and β-turn I(a,g+) in Ac-Val-Phe-NH2. In contrast to the experimental observation that peptides with bulky side chain have a propensity for β-turns, we show that in Ac-Val-Phe-NH2 the minimum energy structure corresponds to the experimentally non detected β-strand.},
  author       = {Šarić, Anđela and Hrenar, T. and Mališ, M. and Došlić, N.},
  issn         = {1463-9076},
  journal      = {Physical Chemistry Chemical Physics},
  keywords     = {Physical and Theoretical Chemistry, General Physics and Astronomy},
  number       = {18},
  pages        = {4678--4685},
  publisher    = {Royal Society of Chemistry },
  title        = {{Quantum mechanical study of secondary structure formation in protected dipeptides}},
  doi          = {10.1039/b923041f},
  volume       = {12},
  year         = {2010},
}

@article{10390,
  abstract     = {We use numerical simulations to study the phase behavior of a system of purely repulsive soft dumbbells as a function of size ratio of the two components and their relative degree of deformability. We find a plethora of different phases, which includes most of the mesophases observed in self-assembly of block copolymers but also crystalline structures formed by asymmetric, hard binary mixtures. Our results detail the phenomenological behavior of these systems when softness is introduced in terms of two different classes of interparticle interactions: (a) the elastic Hertz potential, which has a finite energy cost for complete overlap of any two components, and (b) a generic power-law repulsion with tunable exponent. We discuss how simple geometric arguments can be used to account for the large structural variety observed in these systems and detail the similarities and differences in the phase behavior for the two classes of potentials under consideration.},
  author       = {Šarić, Anđela and Bozorgui, Behnaz and Cacciuto, Angelo},
  issn         = {1520-5207},
  journal      = {The Journal of Physical Chemistry B},
  keywords     = {materials chemistry},
  number       = {22},
  pages        = {7182--7189},
  publisher    = {American Chemical Society},
  title        = {{Packing of soft asymmetric dumbbells}},
  doi          = {10.1021/jp107545w},
  volume       = {115},
  year         = {2010},
}

@article{10391,
  abstract     = {We use numerical simulations to show how a fully flexible filament binding to a deformable cylindrical surface may acquire a macroscopic persistence length and a helical conformation. This is a result of the nontrivial elastic response to deformations of elastic sheets. We find that the filament’s helical pitch is completely determined by the mechanical properties of the surface, and can be easily tuned by varying the surface stretching rigidity. We propose simple scaling arguments to understand the physical mechanism behind this phenomenon and present a phase diagram indicating under what conditions one should expect a fully flexible chain to behave as a helical semiflexible filament. Finally, we discuss the implications of our results.},
  author       = {Šarić, Anđela and Pàmies, Josep C. and Cacciuto, Angelo},
  issn         = {1079-7114},
  journal      = {Physical Review Letters},
  keywords     = {general physics and astronomy},
  number       = {22},
  publisher    = {American Physical Society},
  title        = {{Effective elasticity of a flexible filament bound to a deformable cylindrical surface}},
  doi          = {10.1103/physrevlett.104.226101},
  volume       = {104},
  year         = {2010},
}

@inproceedings{1042,
  abstract     = {Recent years have seen tremendous progress in the field of cold and ultracold molecules. A central goal in the field is currently the realization of stable rovibronic ground-state molecular samples in the regime of quantum degeneracy, e.g. in the form of molecular Bose-Einstein condensates, molecular degenerate Fermi gases, or, when an optical lattice is present, molecular Mott-insulator phases. However, molecular samples are not readily cooled to the extremely low temperatures at which quantum degeneracy occurs. In particular, laser cooling, the \'workhorse\' for the field of atomic quantum gases, is generally not applicable to molecular samples. Here we take an important step beyond previous work1 and provide details on the realization of an ultracold quantum gas of ground-state dimer molecules trapped in an optical lattice as recently reported in Ref. 2. We demonstrate full control over all internal and external quantum degrees of freedom for the ground-state molecules by deterministically preparing the molecules in a single quantum state, i.e. in a specific hyperfine sublevel of the rovibronic ground state, while the molecules are trapped in the motional ground state of the individual lattice wells. We circumvent the problem of cooling by associating weakly-bound molecules out of a zero-temperature atomic Mott-insulator state and by transferring these to the absolute ground state in a four-photon STIRAP process. Our preparation procedure directly leads to a long-lived, lattice-trapped molecular many-body state, which we expect to form the platform for many of the envisioned future experiments with molecular quantum gases, e.g. on precision molecular spectroscopy, quantum information science, and dipolar quantum systems.},
  author       = {Danzl, Johann G and Mark, Manfred and Haller, Elmar and Gustavsson, Mattias and Hart, Russell and Nägerl, Hanns},
  pages        = {256 -- 269},
  publisher    = {World Scientific Publishing},
  title        = {{Production of a quantum gas of rovibronic ground-state molecules in an optical lattice}},
  doi          = {10.1142/9789814282345_0024},
  year         = {2010},
}

@article{1044,
  abstract     = {Control over all internal and external degrees of freedom of molecules at the level of single quantum states will enable a series of fundamental studies in physics and chemistry1,2. In particular, samples of ground-state molecules at ultralow temperatures and high number densities will facilitate new quantum-gas studies3 and future applications in quantum information science4. However, high phase-space densities for molecular samples are not readily attainable because efficient cooling techniques such as laser cooling are lacking. Here we produce an ultracold and dense sample of molecules in a single hyperfine level of the rovibronic ground state with each molecule individually trapped in the motional ground state of an optical lattice well. Starting from a zero-temperature atomic Mott-insulator state with optimized double-site occupancy6, weakly bound dimer molecules are efficiently associated on a Feshbach resonance7 and subsequently transferred to the rovibronic ground state by a stimulated four-photon process with &gt;50% efficiency. The molecules are trapped in the lattice and have a lifetime of 8 s. Our results present a crucial step towards Bose-Einstein condensation of ground-state molecules and, when suitably generalized to polar heteronuclear molecules, the realization of dipolar quantum-gas phases in optical lattices8-10.},
  author       = {Danzl, Johann G and Mark, Manfred and Haller, Elmar and Gustavsson, Mattias and Hart, Russell and Aldegunde, Jesus and Hutson, Jeremy and Nägerl, Hanns},
  journal      = {Nature Physics},
  number       = {4},
  pages        = {265 -- 270},
  publisher    = {Nature Publishing Group},
  title        = {{An ultracold high-density sample of rovibronic ground-state molecules in an optical lattice}},
  doi          = {10.1038/nphys1533},
  volume       = {6},
  year         = {2010},
}

@article{1045,
  abstract     = {We report on the observation of confinement-induced resonances in strongly interacting quantum-gas systems with tunable interactions for one- and two-dimensional geometry. Atom-atom scattering is substantially modified when the s-wave scattering length approaches the length scale associated with the tight transversal confinement, leading to characteristic loss and heating signatures. Upon introducing an anisotropy for the transversal confinement we observe a splitting of the confinement-induced resonance. With increasing anisotropy additional resonances appear. In the limit of a two-dimensional system we find that one resonance persists.},
  author       = {Haller, Elmar and Mark, Manfred and Hart, Russell and Danzl, Johann G and Reichsöllner, Lukas and Melezhik, Vladimir and Schmelcher, Peter and Nägerl, Hanns},
  journal      = {Physical Review Letters},
  number       = {15},
  publisher    = {American Physical Society},
  title        = {{Confinement-induced resonances in low-dimensional quantum systems}},
  doi          = {10.1103/PhysRevLett.104.153203},
  volume       = {104},
  year         = {2010},
}

@article{1046,
  abstract     = {The phenomenon of matter-wave interference lies at the heart of quantum physics. It has been observed in various contexts in the limit of non-interacting particles as a single-particle effect. Here we observe and control matter-wave interference whose evolution is driven by interparticle interactions. In a multi-path matter-wave interferometer, the macroscopic manybody wave function of an interacting atomic Bose-Einstein condensate develops a regular interference pattern, allowing us to detect and directly visualize the effect of interaction-induced phase shifts. We demonstrate control over the phase evolution by inhibiting interaction-induced dephasing and by refocusing a dephased macroscopic matter wave in a spin-echo-type experiment. Our results show that interactions in a many-body system lead to a surprisingly coherent evolution, possibly enabling narrow-band and high-brightness matterwave interferometers based on atom lasers.},
  author       = {Gustavsson, Mattias and Haller, Elmar and Mark, Manfred and Danzl, Johann G and Hart, Russell and Daley, Andrew and Nägerl, Hanns},
  journal      = {New Journal of Physics},
  publisher    = {IOP Publishing Ltd.},
  title        = {{Interference of interacting matter waves}},
  doi          = {10.1088/1367-2630/12/6/065029},
  volume       = {12},
  year         = {2010},
}

@article{1047,
  abstract     = {Particles in a perfect lattice potential perform Bloch oscillations when subject to a constant force, leading to localization and preventing conductivity. For a weakly interacting Bose-Einstein condensate of Cs atoms, we observe giant center-of-mass oscillations in position space with a displacement across hundreds of lattice sites when we add a periodic modulation to the force near the Bloch frequency. We study the dependence of these &quot;super&quot; Bloch oscillations on lattice depth, modulation amplitude, and modulation frequency and show that they provide a means to induce linear transport in a dissipation-free lattice.},
  author       = {Haller, Elmar and Hart, Russell and Mark, Manfred and Danzl, Johann G and Reichsöllner, Lukas and Nägerl, Hanns},
  journal      = {Physical Review Letters},
  number       = {20},
  publisher    = {American Physical Society},
  title        = {{Inducing transport in a dissipation-free lattice with super bloch oscillations}},
  doi          = {10.1103/PhysRevLett.104.200403},
  volume       = {104},
  year         = {2010},
}

@article{1049,
  abstract     = {Quantum many-body systems can have phase transitions even at zero temperature; fluctuations arising from Heisenbergĝ€™s uncertainty principle, as opposed to thermal effects, drive the system from one phase to another. Typically, during the transition the relative strength of two competing terms in the systemĝ€™s Hamiltonian changes across a finite critical value. A well-known example is the Mottĝ€&quot; Hubbard quantum phase transition from a superfluid to an insulating phase, which has been observed for weakly interacting bosonic atomic gases. However, for strongly interacting quantum systems confined to lower-dimensional geometry, a novel type of quantum phase transition may be induced and driven by an arbitrarily weak perturbation to the Hamiltonian. Here we observe such an effectĝ€&quot;the sineĝ€&quot;Gordon quantum phase transition from a superfluid Luttinger liquid to a Mott insulatorĝ€ &quot;in a one-dimensional quantum gas of bosonic caesium atoms with tunable interactions. For sufficiently strong interactions, the transition is induced by adding an arbitrarily weak optical lattice commensurate with the atomic granularity, which leads to immediate pinning of the atoms. We map out the phase diagram and find that our measurements in the strongly interacting regime agree well with a quantum field description based on the exactly solvable sineĝ€&quot;Gordon model. We trace the phase boundary all the way to the weakly interacting regime, where we find good agreement with the predictions of the one-dimensional Boseĝ€&quot;Hubbard model. Our results open up the experimental study of quantum phase transitions, criticality and transport phenomena beyond Hubbard-type models in the context of ultracold gases.},
  author       = {Haller, Elmar and Hart, Russell and Mark, Manfred and Danzl, Johann G and Reichsöllner, Lukas and Gustavsson, Mattias and Dalmonte, Marcello and Pupillo, Guido and Nägerl, Hanns},
  journal      = {Nature},
  number       = {7306},
  pages        = {597 -- 600},
  publisher    = {Nature Publishing Group},
  title        = {{Pinning quantum phase transition for a Luttinger liquid of strongly interacting bosons}},
  doi          = {10.1038/nature09259},
  volume       = {466},
  year         = {2010},
}

@article{3146,
  abstract     = {Coordinated migration of newly born neurons to their prospective target laminae is a prerequisite for neural circuit assembly in the developing brain. The evolutionarily conserved LIS1/NDEL1 complex is essential for neuronal migration in the mammalian cerebral cortex. The cytoplasmic nature of LIS1 and NDEL1 proteins suggest that they regulate neuronal migration cell autonomously. Here, we extend mosaic analysis with double markers (MADM) to mouse chromosome 11 where Lis1, Ndel1, and 14-3-3e{open} (encoding a LIS1/NDEL1 signaling partner) are located. Analyses of sparse and uniquely labeled mutant cells in mosaic animals reveal distinct cell-autonomous functions for these three genes. Lis1 regulates neuronal migration efficiency in a dose-dependent manner, while Ndel1 is essential for a specific, previously uncharacterized, late step of neuronal migration: entry into the target lamina. Comparisons with previous genetic perturbations of Lis1 and Ndel1 also suggest a surprising degree of cell-nonautonomous function for these proteins in regulating neuronal migration.},
  author       = {Simon Hippenmeyer and Youn, Yong H and Moon, Hyang M and Miyamichi, Kazunari and Zong, Hui and Wynshaw-Boris, Anthony and Luo, Liqun},
  journal      = {Neuron},
  number       = {4},
  pages        = {695 -- 709},
  publisher    = {Elsevier},
  title        = {{Genetic mosaic dissection of Lis1 and Ndel1 in neuronal migration}},
  doi          = {10.1016/j.neuron.2010.09.027},
  volume       = {68},
  year         = {2010},
}

@article{3153,
  abstract     = {Human immune cells have to penetrate an endothelial barrier during their beneficial pursuit of infection and their destructive infiltration of tissues in autoimmune diseases. This transmigration requires Rap1 GTPase to activate integrin affinity. We define a new model system for this process by demonstrating, with live imaging and genetics, that during embryonic development Drosophila melanogaster immune cells penetrate an epithelial, Drosophila E-cadherin (DE-cadherin)-based tissue barrier. A mutant in RhoL, a GTPase homologue that is specifically expressed in haemocytes, blocks this invasive step but not other aspects of guided migration. RhoL mediates integrin adhesion caused by Drosophila Rap1 overexpression and moves Rap1 away from a concentration in the cytoplasm to the leading edge during invasive migration. These findings indicate that a programmed migratory step during Drosophila development bears striking molecular similarities to vertebrate immune cell transmigration during inflammation, and identify RhoL as a new regulator of invasion, adhesion and Rap1 localization. Our work establishes the utility of Drosophila for identifying novel components of immune cell transmigration and for understanding the in vivo interplay of immune cells with the barriers they penetrate.},
  author       = {Daria Siekhaus and Haesemeyer, Martin and Moffitt, Olivia and Lehmann, Ruth},
  journal      = {Nature Cell Biology},
  number       = {6},
  pages        = {605 -- 610},
  publisher    = {Nature Publishing Group},
  title        = {{RhoL controls invasion and Rap1 localization during immune cell transmigration in Drosophila}},
  volume       = {12},
  year         = {2010},
}

@inproceedings{3201,
  abstract     = {The problem of cosegmentation consists of segmenting the same object (or objects of the same class) in two or more distinct images. Recently a number of different models have been proposed for this problem. However, no comparison of such models and corresponding optimization techniques has been done so far. We analyze three existing models: the L1 norm model of Rother et al. [1], the L2 norm model of Mukherjee et al. [2] and the &quot;reward&quot; model of Hochbaum and Singh [3]. We also study a new model, which is a straightforward extension of the Boykov-Jolly model for single image segmentation [4]. In terms of optimization, we use a Dual Decomposition (DD) technique in addition to optimization methods in [1,2]. Experiments show a significant improvement of DD over published methods. Our main conclusion, however, is that the new model is the best overall because it: (i) has fewest parameters; (ii) is most robust in practice, and (iii) can be optimized well with an efficient EM-style procedure.},
  author       = {Vicente, Sara and Vladimir Kolmogorov and Rother, Carsten},
  pages        = {465 -- 479},
  publisher    = {Springer},
  title        = {{Cosegmentation revisited: Models and optimization}},
  doi          = {10.1007/978-3-642-15552-9_34},
  volume       = {6312},
  year         = {2010},
}

@article{3202,
  abstract     = {We consider the following problem: given an undirected weighted graph G = (V,E,c) with nonnegative weights, minimize function c(δ(Π))- λ|Π| for all values of parameter λ. Here Π is a partition of the set of nodes, the first term is the cost of edges whose endpoints belong to different components of the partition, and |Π| is the number of components. The current best known algorithm for this problem has complexity O(|V| 2) maximum flow computations. We improve it to |V| parametric maximum flow computations. We observe that the complexity can be improved further for families of graphs which admit a good separator, e.g. for planar graphs.},
  author       = {Vladimir Kolmogorov},
  journal      = {Algorithmica},
  number       = {4},
  pages        = {394 -- 412},
  publisher    = {Springer},
  title        = {{A faster algorithm for computing the principal sequence of partitions of a graph}},
  doi          = {10.1007/s00453-008-9177-z},
  volume       = {56},
  year         = {2010},
}

@inproceedings{3233,
  abstract     = {We present a general parallel-repetition theorem with an efficient reduction. As a corollary of this theorem we establish that parallel repetition reduces the soundness error at an exponential rate in any public-coin argument, and more generally, any argument where the verifier's messages, but not necessarily its decision to accept or reject, can be efficiently simulated with noticeable probability.},
  author       = {Håstad, Johan and Pass, Rafael and Wikström, Douglas and Krzysztof Pietrzak},
  pages        = {1 -- 18},
  publisher    = {Springer},
  title        = {{An efficient parallel repetition theorem}},
  doi          = {10.1007/978-3-642-11799-2_1},
  volume       = {5978},
  year         = {2010},
}

@inproceedings{3234,
  abstract     = {The strongest standard security notion for digital signature schemes is unforgeability under chosen message attacks. In practice, however, this notion can be insufficient due to &quot;side-channel attacks&quot; which exploit leakage of information about the secret internal state. In this work we put forward the notion of &quot;leakage-resilient signatures,&quot; which strengthens the standard security notion by giving the adversary the additional power to learn a bounded amount of arbitrary information about the secret state that was accessed during every signature generation. This notion naturally implies security against all side-channel attacks as long as the amount of information leaked on each invocation is bounded and &quot;only computation leaks information.&quot; The main result of this paper is a construction which gives a (tree-based, stateful) leakage-resilient signature scheme based on any 3-time signature scheme. The amount of information that our scheme can safely leak per signature generation is 1/3 of the information the underlying 3-time signature scheme can leak in total. Signature schemes that remain secure even if a bounded total amount of information is leaked were recently constructed, hence instantiating our construction with these schemes gives the first constructions of provably secure leakage-resilient signature schemes. The above construction assumes that the signing algorithm can sample truly random bits, and thus an implementation would need some special hardware (randomness gates). Simply generating this randomness using a leakage-resilient stream-cipher will in general not work. Our second contribution is a sound general principle to replace uniform random bits in any leakage-resilient construction with pseudorandom ones: run two leakage-resilient stream-ciphers (with independent keys) in parallel and then apply a two-source extractor to their outputs. },
  author       = {Faust, Sebastian and Kiltz, Eike and Krzysztof Pietrzak and Rothblum, Guy N},
  pages        = {343 -- 360},
  publisher    = {Springer},
  title        = {{Leakage resilient signatures}},
  doi          = {10.1007/978-3-642-11799-2_21},
  volume       = {5978},
  year         = {2010},
}

@inproceedings{3235,
  abstract     = {A cryptographic primitive is leakage-resilient, if it remains secure even if an adversary can learn a bounded amount of arbitrary information about the computation with every invocation. As a consequence, the physical implementation of a leakage-resilient primitive is secure against every side-channel as long as the amount of information leaked per invocation is bounded. In this paper we prove positive and negative results about the feasibility of constructing leakage-resilient pseudorandom functions and permutations (i.e. block-ciphers). Our results are three fold: 1. We construct (from any standard PRF) a PRF which satisfies a relaxed notion of leakage-resilience where (1) the leakage function is fixed (and not adaptively chosen with each query.) and (2) the computation is split into several steps which leak individually (a &quot;step&quot; will be the invocation of the underlying PRF.) 2. We prove that a Feistel network with a super-logarithmic number of rounds, each instantiated with a leakage-resilient PRF, is a leakage resilient PRP. This reduction also holds for the non-adaptive notion just discussed, we thus get a block-cipher which is leakage-resilient (against non-adaptive leakage). 3. We propose generic side-channel attacks against Feistel networks. The attacks are generic in the sense that they work for any round functions (e.g. uniformly random functions) and only require some simple leakage from the inputs to the round functions. For example we show how to invert an r round Feistel network over 2n bits making 4•(n+1) r-2 forward queries, if with each query we are also given as leakage the Hamming weight of the inputs to the r round functions. This complements the result from the previous item showing that a super-constant number of rounds is necessary.},
  author       = {Dodis, Yevgeniy and Krzysztof Pietrzak},
  pages        = {21 -- 40},
  publisher    = {Springer},
  title        = {{Leakage resilient pseudorandom functions and side channel attacks on feistel networks}},
  doi          = {10.1007/978-3-642-14623-7_2},
  volume       = {6223},
  year         = {2010},
}

@inproceedings{3237,
  abstract     = {Blinding is a popular and well-known countermeasure to protect public-key cryptosystems against side-channel attacks. The high level idea is to randomize an exponentiation in order to prevent multiple measurements of the same operation on different data, as such measurements might allow the adversary to learn the secret exponent. Several variants of blinding have been proposed in the literature, using additive or multiplicative secret-sharing to blind either the base or the exponent. These countermeasures usually aim at preventing particular side-channel attacks (mostly power analysis) and come without any formal security guarantee. In this work we investigate to which extend blinding can provide provable security against a general class of side-channel attacks. Surprisingly, it turns out that in the context of public-key encryption some blinding techniques are more suited than others. In particular, we consider a multiplicatively blinded version of ElGamal public-key encryption where - we prove that the scheme, instantiated over bilinear groups of prime order p (where p - 1 is not smooth) is leakage resilient in the generic-group model. Here we consider the model of chosen-ciphertext security in the presence of continuous leakage, i.e., the scheme remains chosen-ciphertext secure even if with every decryption query the adversary can learn a bounded amount (roughly log(p)/2 bits) of arbitrary, adversarially chosen information about the computation. - we conjecture that the scheme, instantiated over arbitrary groups of prime order p (where p - 1 is not smooth) is leakage resilient. Previous to this work no encryption scheme secure against continuous leakage was known. Constructing a scheme that can be proven secure in the standard model remains an interesting open problem. },
  author       = {Kiltz, Eike and Krzysztof Pietrzak},
  pages        = {595 -- 612},
  publisher    = {Springer},
  title        = {{Leakage resilient ElGamal encryption}},
  doi          = {10.1007/978-3-642-17373-8_34},
  volume       = {6477},
  year         = {2010},
}

