16 research outputs found

    Lattice-Based Group Signatures and Zero-Knowledge Proofs of Automorphism Stability

    We present a group signature scheme, based on the hardness of lattice problems, whose outputs are more than an order of magnitude smaller than the currently most efficient schemes in the literature. Since lattice-based schemes are also usually non-trivial to efficiently implement, we additionally provide the first experimental implementation of lattice-based group signatures demonstrating that our construction is indeed practical -- all operations take less than half a second on a standard laptop. A key component of our construction is a new zero-knowledge proof system for proving that a committed value belongs to a particular set of small size. The sets for which our proofs are applicable are exactly those that contain elements that remain stable under Galois automorphisms of the underlying cyclotomic number field of our lattice-based protocol. We believe that these proofs will find applications in other settings as well. The motivation of the new zero-knowledge proof in our construction is to allow the efficient use of the selectively-secure signature scheme (i.e. a signature scheme in which the adversary declares the forgery message before seeing the public key) of Agrawal et al. (Eurocrypt 2010) in constructions of lattice-based group signatures and other privacy protocols. For selectively-secure schemes to be meaningfully converted to standard signature schemes, it is crucial that the size of the message space is not too large. Using our zero-knowledge proofs, we can strategically pick small sets for which we can provide efficient zero-knowledge proofs of membership.

    Improved division by invariant integers

    This paper considers the problem of dividing a two-word integer by a single-word integer, together with a few extensions and applications. Due to the lack of efficient division instructions in current processors, the division is performed as a multiplication using a precomputed single-word approximation of the reciprocal of the divisor, followed by a couple of adjustment steps. There are three common types of unsigned multiplication instructions; we define full word multiplication (umul), which produces the two-word product of two single-word integers, low multiplication (umullo), which produces only the least significant word of the product, and high multiplication (umulhi), which produces only the most significant word. We describe an algorithm which produces a quotient and remainder using one umul and one umullo. This is an improvement over earlier methods, since the new method uses cheaper multiplication operations. It turns out we also get some additional savings from simpler adjustment conditions. The algorithm has been implemented in version 4.3 of the GMP library. When applied to the problem of dividing a large integer by a single word, the new algorithm gives a speedup of roughly 30%, benchmarked on AMD and Intel processors in the x86-64 family.

    Instruction latencies and throughput for AMD and Intel x86 processors

    Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved. [This report is work-in-progress. A newer version might be available for download here

    Division by invariant integers using multiplication

    Integer division remains expensive on today's processors as the cost of integer multiplication declines. We present code sequences for division by arbitrary nonzero integer constants and run-time invariants using integer multiplication. The algorithms assume a two's complement architecture. Most also require that the upper half of an integer product be quickly accessible. We treat unsigned division, signed division where the quotient rounds towards zero, signed division where the quotient rounds towards -∞, and division where the result is known a priori to be exact. We give some implementation results using the C compiler GCC.

    Eliminating branches using a superoptimizer and the GNU C compiler


    From my perspective: perceived participation in mainstream schools in students with autism spectrum conditions

    Objectives: To examine perceived participation in students with ASC and their classmates in mainstream schools and to investigate correlations between activities the students wanted to do and actually participated in. Methods: Twenty-two students with ASC and their 382 classmates responded to a 46-item questionnaire regarding perceived participation in mainstream schools. Results: On 57% of the items, students with ASC perceived lower participation than their classmates. These results emphasize the importance of knowledge about students’ perceived participation. However, positive correlations between what the students wanted to do and actually did indicate that students with ASC may be participating to the extent that they wanted. Conclusion: Students with ASC perceived lower overall participation in mainstream school than their classmates. The correlations between “I want to” and “I do” statements in students with ASC indicated that aspects of autonomy are important to incorporate when studying, and interpreting, self-rated participation in mainstream schools.