An O(M(n) log n) algorithm for the Jacobi symbol
The best known algorithm to compute the Jacobi symbol of two n-bit integers runs in time O(M(n) log n), using Schönhage's fast continued fraction algorithm combined with an identity due to Gauss. We give a different O(M(n) log n) algorithm based on the binary recursive gcd algorithm of Stehlé and Zimmermann. Our implementation, which to our knowledge is the first to run in time O(M(n) log n), is faster than GMP's quadratic implementation for inputs larger than about 10000 decimal digits.
Comment: Submitted to ANTS IX (Nancy, July 2010)
Efficient Algorithms for gcd and Cubic Residuosity in the Ring of Eisenstein Integers
We present simple and efficient algorithms for computing gcd and cubic residuosity in the ring of Eisenstein integers, Z[zeta], i.e. the integers extended with zeta, a complex primitive third root of unity. The algorithms are similar and may be seen as generalisations of the binary integer gcd and derived Jacobi symbol algorithms. Our algorithms take time O(n^2) for n bit input. This is an improvement from the known results based on the Euclidean algorithm, and taking time O(n· M(n)), where M(n) denotes the complexity of multiplying n bit integers. The new algorithms have applications in practical primality tests and the implementation of cryptographic protocols. The technique underlying our algorithms can be used to obtain equally fast algorithms for gcd and quartic residuosity in the ring of Gaussian integers, Z[i].
Secure Sealed-Bid Online Auctions Using Discreet Cryptographic Proofs
This work describes the design and implementation of an auction system using secure multiparty computation techniques. Our aim is to produce a system that is practical under actual field constraints on computation, memory, and communication. The underlying protocol is privacy-preserving, that is, the winning bid is determined without information about the losing bids leaking to either the auctioneer or other bidders. Practical implementation of the protocol is feasible using circuit-based cryptographic proofs along with additively homomorphic bit commitment. Moreover, we propose the development of a Proof Certificate standard. These certificates convey sufficient information to recreate the cryptographic proofs and verify them offline.
Reconfigurable Architectures for Cryptographic Systems
Field Programmable Gate Arrays (FPGAs) are suitable platforms for implementing cryptographic algorithms in hardware due to their flexibility, good performance and low power consumption. Computer security is becoming increasingly important and security requirements such as key sizes are quickly evolving. This creates the need for customisable hardware designs for cryptographic operations capable of covering a large design space. In this thesis we explore the four design dimensions relevant to cryptography, namely speed, area, power consumption and security of the crypto-system, by developing parametric designs for public-key generation and encryption as well as side-channel attack countermeasures. There are four contributions.
First, we present new architectures for Montgomery multiplication and exponentiation based on variable pipelining and variable serial replication. Our implementations of these architectures are compared to the best implementations in the literature and the design space is explored in terms of speed and area trade-offs.
Second, we generalise our Montgomery multiplier design ideas by developing a parametric model to allow rapid optimisation of a general class of algorithms containing loops with dependencies carried from one iteration to the next. By predicting the throughput and the area of the design, our model facilitates and speeds up design space exploration.
Third, we develop new architectures for primality testing, including the first hardware architecture for the NIST-approved Lucas primality test. We explore the area, speed and power consumption trade-offs by comparing our Lucas architectures on CPU, FPGA and ASIC.
Finally, we tackle the security issue by presenting two novel power attack countermeasures based on on-chip power monitoring. Our constant power framework uses a closed-loop control system to keep the power consumption of any FPGA implementation constant. Our attack detection framework uses a network of ring-oscillators to detect the insertion of a shunt resistor-based power measurement circuit on a device's power rail. This countermeasure is lightweight and has a relatively low power overhead compared to existing masking and hiding countermeasures.
A Binary Algorithm for the Jacobi Symbol
We present a new algorithm to compute the Jacobi symbol, based on Stein's binary algorithm for the greatest common divisor, and we determine the worst-case behavior of this algorithm. Our implementation of the algorithm runs approximately 7--25% faster than traditional methods on inputs of size 100--1000 decimal digits.
1 Introduction
Efficient computation of the Jacobi symbol $\left(\frac{a}{n}\right)$ is an important component of the Monte Carlo primality test of Solovay and Strassen [9]. Algorithms for computing the Jacobi symbol can also be found in symbolic algebra systems such as Mathematica and Maple. Several efficient algorithms modeled on Euclid's algorithm for computing the greatest common divisor (gcd) have been proposed and analyzed; see, for example, [12, 3, 8]. Indeed, it is possible to compute $\left(\frac{a}{n}\right)$ in O((log a)(log n)) bit operations using the "naive arithmetic" model. Using Schönhage's result [7], it is possible (see [1]) to compute $\left(\frac{a}{n}\right)$ ...
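The first and last abstracts above both derive the Jacobi symbol from Stein's binary gcd: factors of two are stripped using the supplementary law for (2/n), two odd operands are swapped using quadratic reciprocity, and the larger operand is reduced by subtraction rather than division. The Python below is an added example for this page, not code from either paper, from GMP or from any of the cited systems. It implements the plain quadratic binary algorithm (not the O(M(n) log n) recursive variant of the first abstract), cross-checks it against Euler's criterion for a prime modulus, and uses it in the Solovay-Strassen test that the introduction names as the motivating application. The function names, the Carmichael number 561 used as sample input and the optional `seed` parameter are choices made here, not anything the papers specify.

```python
import random


def jacobi_binary(a: int, n: int) -> int:
    """Jacobi symbol (a/n) for an odd positive modulus n.

    The control flow is Stein's binary gcd: only shifts, comparisons and
    subtractions are used. Each time a factor of two is removed or the two
    odd operands are swapped, the accumulated sign t is adjusted with the
    supplementary law for (2/n) or with quadratic reciprocity respectively.
    Returns 0 when gcd(a, n) > 1.
    """
    if n <= 0 or n % 2 == 0:
        raise ValueError("modulus n must be a positive odd integer")
    a %= n          # (a/n) depends only on a mod n; this also handles negative a
    t = 1           # accumulated sign, always +1 or -1
    while a != 0:
        # Strip factors of two: (2a'/n) = (2/n)(a'/n), and
        # (2/n) = (-1)^((n^2-1)/8) equals -1 exactly when n is 3 or 5 mod 8.
        while a & 1 == 0:
            a >>= 1
            if n & 7 in (3, 5):
                t = -t
        # a and n are both odd here. If a < n, swap them via reciprocity:
        # (a/n) = (n/a) * (-1)^(((a-1)/2)*((n-1)/2)), a flip iff a = n = 3 mod 4.
        if a < n:
            a, n = n, a
            if a & 3 == 3 and n & 3 == 3:
                t = -t
        # Now a >= n, both odd. Replace a by a - n (same residue class mod n).
        # The difference is even, so the next pass removes at least one bit:
        # the subtract-then-halve step that drives Stein's algorithm.
        a -= n
    # The loop leaves n = gcd(original a, n); the symbol is 0 unless that is 1.
    return t if n == 1 else 0


def legendre_by_euler(a: int, p: int) -> int:
    """Reference value of (a/p) for an odd prime p via Euler's criterion:
    a^((p-1)/2) mod p is 0, 1 or p-1, encoding 0, +1 or -1."""
    r = pow(a % p, (p - 1) // 2, p)
    return -1 if r == p - 1 else r


def is_euler_jacobi_witness(a: int, n: int) -> bool:
    """True if base a proves the odd integer n > 2 composite in the
    Solovay-Strassen sense: (a/n) = 0, or a^((n-1)/2) != (a/n) mod n.
    Never true for prime n; for odd composite n at least half of the bases
    in [1, n-1] are witnesses, which is what bounds the test's error."""
    j = jacobi_binary(a, n)
    return j == 0 or pow(a, (n - 1) // 2, n) != j % n


def solovay_strassen(n: int, rounds: int = 20, seed=None) -> bool:
    """Solovay-Strassen probabilistic primality test on top of jacobi_binary.
    False is always correct ("composite"); True means "probably prime" with
    error probability at most 2**-rounds. `seed` fixes the random bases so a
    run is reproducible; leave it None outside of tests."""
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    rng = random.Random(seed)
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        if is_euler_jacobi_witness(a, n):
            return False
    return True


if __name__ == "__main__":
    # Constructed sample inputs (not taken from the papers): 561 = 3*11*17 is
    # the smallest Carmichael number; base 2 is an Euler-Jacobi liar for it,
    # base 5 is a witness, so the test needs more than one base to catch it.
    print(jacobi_binary(10, 21), jacobi_binary(2, 561))
    print(is_euler_jacobi_witness(2, 561), is_euler_jacobi_witness(5, 561))
    print(solovay_strassen(1000003), solovay_strassen(561))
```

Running the file prints the sample values; to compare against an independent implementation, `sympy.ntheory.jacobi_symbol(a, n)` gives the same results for the inputs above. The subtraction step is what keeps the per-iteration cost at a shift and a subtract, which is the source of the constant-factor gains the last abstract reports over Euclid-style modular reduction; the asymptotic O(M(n) log n) bound of the first abstract requires the recursive half-gcd structure and is not attempted here.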