Generalised Mersenne Numbers Revisited
Generalised Mersenne Numbers (GMNs) were defined by Solinas in 1999 and feature in the NIST (FIPS 186-2) and SECG standards for use in elliptic curve cryptography. Their form is such that modular reduction is extremely efficient, thus making them an attractive choice for modular multiplication implementation. However, the issue of residue multiplication efficiency seems to have been overlooked. Asymptotically, using a cyclic rather than a linear convolution, residue multiplication modulo a Mersenne number is twice as fast as integer multiplication; this property does not hold for prime GMNs, unless they are of Mersenne's form. In this work we exploit an alternative generalisation of Mersenne numbers for which an analogue of the above property --- and hence the same efficiency ratio --- holds, even at bitlengths for which schoolbook multiplication is optimal, while also maintaining very efficient reduction. Moreover, our proposed primes are abundant at any bitlength, whereas GMNs are extremely rare. Our multiplication and reduction algorithms can also be easily parallelised, making our arithmetic particularly suitable for hardware implementation. Furthermore, the field representation we propose also naturally protects against side-channel attacks, including timing attacks, simple power analysis and differential power analysis, which is essential in many cryptographic scenarios, in contrast to GMNs.
Comment: 32 pages. Accepted to Mathematics of Computation
Efficient Modular Multiplication
This paper is concerned with one of the fundamental building blocks used in modern public-key cryptography: modular multiplication. Speed-ups applied to the modular multiplication algorithm or implementation translate directly into a faster modular exponentiation for RSA or a faster realization of the group law when using elliptic curve cryptography.
Theoretical and practical efficiency aspects in cryptography
EThOS - Electronic Theses Online Service, United Kingdom (GB)
Design and implementation of high-speed algorithms for public-key cryptosystems
The aim of this dissertation is to improve the computational efficiency of modular exponentiation-based public-key cryptosystems. The operational speed of these public-key cryptosystems is largely determined by the modular exponentiation operation of the form A = g^e mod m, where g is the base, e is the exponent and m is the modulus. The required modular exponentiation is computed by a series of modular multiplications. Optimized algorithms are required for various platforms, especially for lower-end platforms, which require the algorithms to be efficient and to consume as few resources as possible. In this dissertation, algorithms for integer multiplication, modular reduction and modular exponentiation were developed and implemented in software, as required for public-key cryptography. A detailed analysis of these algorithms is given, as well as exact measurements of the computational speed achieved by each algorithm. This research shows that a total speed improvement of 13% can be achieved on existing modular exponentiation-based public-key cryptosystems, in particular for the RSA cryptosystem. Three novel approaches are also presented for improving the decryption speed of the RSA algorithm. These methods focus on the selection of the decryption exponent by careful consideration of the difference between the two primes p and q. The resulting reduction of the decryption exponent improves the decryption speed by approximately 45%.
Dissertation (MEng (Electronics))--University of Pretoria, 2006. Electrical, Electronic and Computer Engineering. Unrestricted
Implementation and Evaluation of Algorithmic Skeletons: Parallelisation of Computer Algebra Algorithms
This thesis presents design and implementation approaches for the parallel algorithms of computer algebra. We use algorithmic skeletons and also further approaches, like data parallel arithmetic and actors. We have implemented skeletons for divide and conquer algorithms and some special parallel loops that we call 'repeated computation with a possibility of premature termination'. We introduce in this thesis a rational data parallel arithmetic. We focus on parallel symbolic computation algorithms; for these algorithms our arithmetic provides a generic parallelisation approach.
The implementation is carried out in Eden, a parallel functional programming language based on Haskell. This choice enables us to encode both the skeletons and the programs in the same language. Moreover, it allows us to refrain from using two different languages, one for the implementation and one for the interface, for our implementation of computer algebra algorithms.
Further, this thesis presents methods for evaluation and estimation of parallel execution times. We partition the parallel execution time into two components. One of them accounts for the quality of the parallelisation; we call it the 'parallel penalty'. The other is the sequential execution time. For the estimation, we predict both components separately, using statistical methods. This enables very confident estimations, while using drastically fewer measurement points than other methods. We have applied both our evaluation and estimation approaches to the parallel programs presented in this thesis. We have also used existing estimation methods.
We developed divide and conquer skeletons for the implementation of fast parallel multiplication. We have implemented the Karatsuba algorithm, Strassen's matrix multiplication algorithm and the fast Fourier transform. The latter was used to implement polynomial convolution, which leads to a further fast multiplication algorithm. Specifically for our implementation of Strassen's algorithm we have designed and implemented a divide and conquer skeleton based on actors. We have implemented the parallel fast Fourier transform, and not only did we use new divide and conquer skeletons, but we also developed a map-and-transpose skeleton. It enables good parallelisation of the Fourier transform. The parallelisation of Karatsuba multiplication shows very good performance. We have analysed the parallel penalty of our programs and compared it to the serial fraction, an approach known from the literature. We also performed execution time estimations of our divide and conquer programs.
This thesis presents a parallel map+reduce skeleton scheme. It allows us to combine the usual parallel map skeletons, like parMap, farm and workpool, with a premature termination property. We use this to implement the so-called 'parallel repeated computation', a special form of a speculative parallel loop. We have implemented two probabilistic primality tests: the Rabin–Miller test and the Jacobi sum test. We parallelised both with our approach. We analysed the task distribution and stated the fitting configurations of the Jacobi sum test. We have shown formally that the Jacobi sum test can be implemented in parallel. Subsequently, we parallelised it, analysed the load balancing issues, and produced an optimisation. The latter enabled a good implementation, as verified using the parallel penalty. We have also estimated the performance of the tests for further input sizes and numbers of processing elements. The parallelisation of the Jacobi sum test and our generic parallelisation scheme for the repeated computation are our original contributions.
The data parallel arithmetic was defined not only for integers, which is already known, but also for rationals. We handled the common factors of the numerator or denominator of the fraction with the modulus in a novel manner. This is required to obtain a true multiple-residue arithmetic, a novel result of our research. Using these mathematical advances, we have parallelised the determinant computation using Gauß elimination. As always, we have performed task distribution analysis and estimation of the parallel execution time of our implementation. A similar computation in Maple emphasised the potential of our approach. Data parallel arithmetic enables parallelisation of entire classes of computer algebra algorithms.
Summarising, this thesis presents and thoroughly evaluates new and existing design decisions for high-level parallelisations of computer algebra algorithms.
On the generalisation of special moduli for faster interleaved Montgomery modular multiplication
In this study, the authors give a generalisation of special moduli for a faster interleaved Montgomery modular multiplication algorithm with a simplified pre-computation phase for GF(p^n), where p ≥ 2 is a prime number and n is a positive integer. The authors propose different sets of moduli that can be used in elliptic curve cryptographic applications and pairing-based cryptography. Moreover, this method also leads to efficient implementations for the elliptic curve parameters given in standards. It is shown that one can obtain an efficient Montgomery modular multiplication architecture, in terms of the number of AND gates and XOR gates, by choosing the proposed sets of moduli. The authors eliminate the final subtraction step with the proposed sets of moduli. These methods are easy to implement in hardware.
Computer Aided Verification
This open access two-volume set LNCS 10980 and 10981 constitutes the refereed proceedings of the 30th International Conference on Computer Aided Verification, CAV 2018, held in Oxford, UK, in July 2018. The 52 full and 13 tool papers presented together with 3 invited papers and 2 tutorials were carefully reviewed and selected from 215 submissions. The papers cover a wide range of topics and techniques, from algorithmic and logical foundations of verification to practical applications in distributed, networked, cyber-physical, and autonomous systems. They are organized in topical sections on model checking, program analysis using polyhedra, synthesis, learning, runtime verification, hybrid and timed systems, tools, probabilistic systems, static analysis, theory and security, SAT, SMT and decision procedures, concurrency, and CPS, hardware, and industrial applications.
Formal verification of cryptographic software implementations
Doctoral thesis in Informatics.
Security is notoriously difficult to sell as a feature in software products. In addition to meeting a set of security requirements, cryptographic software has to be cheap, fast, and use few resources. The development of cryptographic software is an area with specific needs in terms of software development processes and tools. In this thesis we explore how formal techniques, namely deductive verification techniques, can be used to increase the guarantees that cryptographic software implementations indeed work as prescribed. This thesis is organized in two parts.
The first part is focused on the identification of relevant security policies that may be at play in cryptographic systems, as well as the language-based mechanisms that can be used to enforce such policies in those systems. We propose methodologies based on deductive verification to formalise and verify relevant security policies in cryptographic software. We also show the applicability of those methodologies by presenting some case studies using a deductive verification tool integrated in the Frama-C framework.
In the second part we propose a deductive verification tool (CAOVerif) for a domain-specific language for cryptographic implementations (CAO). Our aim is to apply the methodologies proposed in the first part of this thesis to verify cryptographic implementations written in CAO. The design of CAOVerif follows the same approach used in other scenarios for general-purpose languages and it is built on top of a plug-in from the Frama-C framework. At the very end, we conclude the work of this thesis by reasoning about the soundness of our verification tool.
Portuguese abstract, in translation:
Cryptographic software has specific requirements to guarantee the security of the information it handles. Moreover, this type of software needs to be cheap, fast and use a reduced amount of resources. Guaranteeing the security of the information handled by such systems is a major challenge, and is therefore currently a subject of intense study. In this thesis we explore how formal techniques, namely deductive verification techniques, can be used to guarantee that cryptographic software implementations do in fact work as prescribed. The work of this thesis is organised in two parts.
The first part focuses essentially on the identification of security policies relevant to cryptographic systems, as well as the language-based mechanisms that can be applied to enforce such policies. In this context, we propose methodologies based on deductive verification to formalise and verify security policies. We also show how these methodologies can be applied to the verification of real case studies, using the deductive verification tool integrated in the Frama-C framework.
In the second part, we propose a deductive verification tool (CAOVerif) for a domain-specific language for cryptographic implementations (CAO). The development of this tool aims to apply the methodologies developed in the first part of this work to cryptographic implementations written in CAO. The design of this tool follows the same approach as other existing deductive verification tools for other languages. We conclude the work by giving a formal proof of the correctness of the tool.
New Directions for Contact Integrators
Contact integrators are a family of geometric numerical schemes which guarantee the conservation of the contact structure. In this work we review the construction of both the variational and Hamiltonian versions of these methods. We illustrate some of the advantages of geometric integration in the dissipative setting by focusing on models inspired by recent studies in celestial mechanics and cosmology.
Comment: To appear as Chapter 24 in GSI 2021, Springer LNCS 1282