58 research outputs found
LaTeX, metadata, and publishing workflows
The field of scientific publishing that is served by LaTeX is increasingly
dependent on the availability of metadata about publications. We discuss how to
use LaTeX classes and BibTeX styles to curate metadata throughout the life
cycle of a published article. Our focus is on streamlining and automating much
of the publishing workflow. We survey the various options and drawbacks of the
existing approaches and outline our approach as applied in a new LaTeX style
file, whose main goal is to make it easier for authors to specify their
metadata only once and use it throughout the entire publishing pipeline. We
believe this can help to reduce the cost of publishing by reducing the amount
of human effort required for editing and providing publication metadata.
Finding ECM-friendly curves through a study of Galois properties
In this paper we prove some divisibility properties of the cardinality of
elliptic curves modulo primes. These proofs explain the good behavior of
certain parameters when using Montgomery or Edwards curves in the setting of
the elliptic curve method (ECM) for integer factorization. The ideas of the
proofs help us to find new families of elliptic curves with good division
properties which increase the success probability of ECM.
Collision bounds for the additive Pollard rho algorithm for solving discrete logarithms
We prove collision bounds for the Pollard rho algorithm to solve the discrete logarithm problem in a general cyclic group . Unlike the setting studied by Kim et al., we consider additive walks: the setting used in practice to solve the elliptic curve discrete logarithm problem. Our bounds differ from the birthday bound (||) by a factor of log|| and are based on mixing time estimates for random walks on finite abelian groups due to Dou and Hildebrand.
Arithmetic Considerations for Isogeny Based Cryptography
In this paper we investigate various arithmetic techniques which can be used to potentially enhance the performance in the supersingular isogeny Diffie-Hellman (SIDH) key-exchange protocol which is one of the more recent contenders in the post-quantum public-key arena. Firstly, we give a systematic overview of techniques to compute efficient arithmetic modulo . Our overview shows that in the SIDH setting, where arithmetic over a quadratic extension field is required, the approaches based on Montgomery reduction for such primes of a special shape are to be preferred. Moreover, the outcome of our investigation reveals that there exist moduli which allow even faster implementations.
Secondly, we investigate whether it is beneficial to use other curve models to speed up the elliptic curve scalar multiplication. The use of twisted Edwards curves allows one to search for efficient addition-subtraction chains for fixed scalars, whereas this is not possible with the differential addition law used for Montgomery curves. Our preliminary results show that, although we found such efficient chains, using twisted Edwards curves does not result in faster scalar multiplication arithmetic in the setting of SIDH.
ECM at Work
The performance of the elliptic curve method (ECM) for integer factorization plays an important role in the security assessment of RSA-based protocols, as ECM is used as a cofactorization tool inside the number field sieve. The efficient arithmetic for Edwards curves found an application in speeding up ECM. We propose techniques based on generating and combining addition-subtraction chains to optimize Edwards ECM in terms of both performance and memory requirements. This makes our approach very suitable for memory-constrained devices such as graphics processing units (GPUs). For commonly used ECM parameters we are able to lower the required memory by up to a factor of 55 compared to the state-of-the-art Edwards ECM approach. Our ECM implementation on a GTX 580 GPU sets a new throughput record, outperforming the best GPU, CPU and FPGA results reported in the literature.
Faster Modular Arithmetic For Isogeny Based Crypto on Embedded Devices
We show how to implement the Montgomery reduction algorithm for isogeny based cryptography such that it can utilize the unsigned multiply accumulate accumulate long instruction present on modern ARM architectures. This results in a practical speed-up of a factor 1.34 compared to the approach used by SIKE: the supersingular isogeny based submission to the ongoing post-quantum standardization effort.
Moreover, motivated by the recent work of Costello and Hisil (ASIACRYPT 2017), which shows that there is only a moderate degradation in performance when evaluating large odd-degree isogenies, we search for more general supersingular-isogeny-friendly moduli. Using graphics processing units to accelerate this search, we find many such moduli which allow for faster implementations on embedded devices. By combining these two approaches we manage to make the modular reduction 1.5 times as fast on a 32-bit ARM platform.
Montgomery Arithmetic from a Software Perspective
This chapter describes Peter L. Montgomery's modular multiplication method and the various improvements to reduce the latency for software implementations on devices which have access to many computational units.
Collision Bounds for the Additive Pollard Rho Algorithm for Solving Discrete Logarithms
We prove collision bounds for the Pollard rho algorithm to solve the discrete logarithm problem in a general cyclic group . Unlike the setting studied by Kim et al., we consider additive walks: the setting used in practice to solve the elliptic curve discrete logarithm problem. Our bounds differ from the birthday bound by a factor of and are based on mixing time estimates for random walks on finite abelian groups due to Hildebrand.
Dilithium for Memory Constrained Devices
We investigate the use of the Dilithium post-quantum digital signature scheme on memory-constrained systems. Reference and optimized implementations of Dilithium in the benchmarking framework pqm4 (Cortex-M4) require 50–100 KiB of memory, demonstrating the significant challenge of using Dilithium on small IoT platforms. We show that compressing polynomials, using an alternative number theoretic transform, and falling back to the schoolbook method for certain multiplications reduces the memory footprint significantly. This results in the first implementation of Dilithium for which the recommended parameter set requires less than 7 KiB of memory for key and signature generation and less than 3 KiB of memory for signature verification. We also provide benchmark details of a portable implementation in order to estimate the performance impact of using these memory reduction methods.