mcbits objectives fast constant time set new speed
play

McBits: Objectives fast constant-time Set new speed records - PowerPoint PPT Presentation

Sep 16, 2022 •16 likes •746 views

McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou

  1. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven (original speaker, still waiting for U.S. visa) Peter Schwabe Radboud University Nijmegen

  2. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein ✿ ✿ ✿ at a high security level. University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven (original speaker, still waiting for U.S. visa) Peter Schwabe Radboud University Nijmegen

  3. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein ✿ ✿ ✿ at a high security level. University of Illinois at Chicago & ✿ ✿ ✿ including protection Technische Universiteit Eindhoven against quantum computers. Joint work with: Tung Chou Technische Universiteit Eindhoven (original speaker, still waiting for U.S. visa) Peter Schwabe Radboud University Nijmegen

  4. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein ✿ ✿ ✿ at a high security level. University of Illinois at Chicago & ✿ ✿ ✿ including protection Technische Universiteit Eindhoven against quantum computers. Joint work with: ✿ ✿ ✿ including full protection Tung Chou against cache-timing attacks, Technische Universiteit Eindhoven branch-prediction attacks, etc. (original speaker, still waiting for U.S. visa) Peter Schwabe Radboud University Nijmegen

  5. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein ✿ ✿ ✿ at a high security level. University of Illinois at Chicago & ✿ ✿ ✿ including protection Technische Universiteit Eindhoven against quantum computers. Joint work with: ✿ ✿ ✿ including full protection Tung Chou against cache-timing attacks, Technische Universiteit Eindhoven branch-prediction attacks, etc. (original speaker, ✿ ✿ ✿ using code-based crypto still waiting for U.S. visa) with a solid track record. Peter Schwabe Radboud University Nijmegen

  6. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein ✿ ✿ ✿ at a high security level. University of Illinois at Chicago & ✿ ✿ ✿ including protection Technische Universiteit Eindhoven against quantum computers. Joint work with: ✿ ✿ ✿ including full protection Tung Chou against cache-timing attacks, Technische Universiteit Eindhoven branch-prediction attacks, etc. (original speaker, ✿ ✿ ✿ using code-based crypto still waiting for U.S. visa) with a solid track record. Peter Schwabe ✿ ✿ ✿ all of the above at once . Radboud University Nijmegen

  7. McBits: Objectives The track constant-time Set new speed records 1978 McEliece de-based cryptography for public-key cryptography. public-key Bernstein ✿ ✿ ✿ at a high security level. Has held University of Illinois at Chicago & optimization ✿ ✿ ✿ including protection echnische Universiteit Eindhoven 1962 Prange. against quantum computers. ork with: 1988 Lee–Brick ✿ ✿ ✿ including full protection 1989 Krouk. Chou against cache-timing attacks, 1989 Dumer. echnische Universiteit Eindhoven branch-prediction attacks, etc. 1990 Coffey–Go riginal speaker, 1990 van ✿ ✿ ✿ using code-based crypto aiting for U.S. visa) 1991 Coffey–Go with a solid track record. Schwabe 1993 Chabanne–Courteau. ✿ ✿ ✿ all of the above at once . oud University Nijmegen 1993 Chabaud.

  8. Objectives The track record constant-time Set new speed records 1978 McEliece prop cryptography for public-key cryptography. public-key code-based ✿ ✿ ✿ at a high security level. Has held up well after Illinois at Chicago & optimization of attack ✿ ✿ ✿ including protection Universiteit Eindhoven 1962 Prange. 1981 against quantum computers. 1988 Lee–Brickell. ✿ ✿ ✿ including full protection 1989 Krouk. 1989 against cache-timing attacks, 1989 Dumer. Universiteit Eindhoven branch-prediction attacks, etc. 1990 Coffey–Goodman. er, 1990 van Tilburg. ✿ ✿ ✿ using code-based crypto U.S. visa) 1991 Coffey–Goodman–F with a solid track record. 1993 Chabanne–Courteau. ✿ ✿ ✿ all of the above at once . University Nijmegen 1993 Chabaud.

  9. Objectives The track record Set new speed records 1978 McEliece proposed for public-key cryptography. public-key code-based crypto. ✿ ✿ ✿ at a high security level. Has held up well after extensive Chicago & optimization of attack algorithms: ✿ ✿ ✿ including protection Eindhoven 1962 Prange. 1981 Omura. against quantum computers. 1988 Lee–Brickell. 1988 Leon. ✿ ✿ ✿ including full protection 1989 Krouk. 1989 Stern. against cache-timing attacks, 1989 Dumer. Eindhoven branch-prediction attacks, etc. 1990 Coffey–Goodman. 1990 van Tilburg. 1991 Dumer. ✿ ✿ ✿ using code-based crypto 1991 Coffey–Goodman–Farrell. with a solid track record. 1993 Chabanne–Courteau. ✿ ✿ ✿ all of the above at once . Nijmegen 1993 Chabaud.

  10. Objectives The track record Set new speed records 1978 McEliece proposed for public-key cryptography. public-key code-based crypto. ✿ ✿ ✿ at a high security level. Has held up well after extensive optimization of attack algorithms: ✿ ✿ ✿ including protection 1962 Prange. 1981 Omura. against quantum computers. 1988 Lee–Brickell. 1988 Leon. ✿ ✿ ✿ including full protection 1989 Krouk. 1989 Stern. against cache-timing attacks, 1989 Dumer. branch-prediction attacks, etc. 1990 Coffey–Goodman. 1990 van Tilburg. 1991 Dumer. ✿ ✿ ✿ using code-based crypto 1991 Coffey–Goodman–Farrell. with a solid track record. 1993 Chabanne–Courteau. ✿ ✿ ✿ all of the above at once . 1993 Chabaud.

  11. Objectives The track record 1994 van 1994 Canteaut–Chabanne. new speed records 1978 McEliece proposed 1998 Canteaut–Chabaud. public-key cryptography. public-key code-based crypto. 1998 Canteaut–Sendrier. a high security level. Has held up well after extensive ✿ ✿ ✿ 2008 Bernstein–Lange–P optimization of attack algorithms: 2009 Bernstein–Lange– ✿ ✿ ✿ including protection 1962 Prange. 1981 Omura. Peters–van against quantum computers. 1988 Lee–Brickell. 1988 Leon. 2009 Bernstein ✿ ✿ ✿ including full protection 1989 Krouk. 1989 Stern. 2009 Finiasz–Sendrier. against cache-timing attacks, 1989 Dumer. 2010 Bernstein–Lange–P ranch-prediction attacks, etc. 1990 Coffey–Goodman. 2011 Ma 1990 van Tilburg. 1991 Dumer. 2011 Beck ✿ ✿ ✿ using code-based crypto 1991 Coffey–Goodman–Farrell. 2012 Beck solid track record. 1993 Chabanne–Courteau. 2013 Bernstein–Jeffe ✿ ✿ ✿ of the above at once . 1993 Chabaud. Meurer (p

  12. The track record 1994 van Tilburg. 1994 Canteaut–Chabanne. records 1978 McEliece proposed 1998 Canteaut–Chabaud. cryptography. public-key code-based crypto. 1998 Canteaut–Sendrier. security level. Has held up well after extensive ✿ ✿ ✿ 2008 Bernstein–Lange–P optimization of attack algorithms: 2009 Bernstein–Lange– ✿ ✿ ✿ rotection 1962 Prange. 1981 Omura. Peters–van Tilborg. computers. 1988 Lee–Brickell. 1988 Leon. 2009 Bernstein (post-quantum). ✿ ✿ ✿ full protection 1989 Krouk. 1989 Stern. 2009 Finiasz–Sendrier. cache-timing attacks, 1989 Dumer. 2010 Bernstein–Lange–P rediction attacks, etc. 1990 Coffey–Goodman. 2011 May–Meurer–Th 1990 van Tilburg. 1991 Dumer. 2011 Becker–Coron–Joux. ✿ ✿ ✿ de-based crypto 1991 Coffey–Goodman–Farrell. 2012 Becker–Joux–Ma track record. 1993 Chabanne–Courteau. 2013 Bernstein–Jeffe ✿ ✿ ✿ ove at once . 1993 Chabaud. Meurer (post-quantum).

  13. The track record 1994 van Tilburg. 1994 Canteaut–Chabanne. 1978 McEliece proposed 1998 Canteaut–Chabaud. cryptography. public-key code-based crypto. 1998 Canteaut–Sendrier. level. Has held up well after extensive ✿ ✿ ✿ 2008 Bernstein–Lange–Peters. optimization of attack algorithms: 2009 Bernstein–Lange– ✿ ✿ ✿ 1962 Prange. 1981 Omura. Peters–van Tilborg. ers. 1988 Lee–Brickell. 1988 Leon. 2009 Bernstein (post-quantum). ✿ ✿ ✿ rotection 1989 Krouk. 1989 Stern. 2009 Finiasz–Sendrier. attacks, 1989 Dumer. 2010 Bernstein–Lange–Peters. etc. 1990 Coffey–Goodman. 2011 May–Meurer–Thomae. 1990 van Tilburg. 1991 Dumer. 2011 Becker–Coron–Joux. ✿ ✿ ✿ crypto 1991 Coffey–Goodman–Farrell. 2012 Becker–Joux–May–Meurer. 1993 Chabanne–Courteau. 2013 Bernstein–Jeffery–Lange– ✿ ✿ ✿ once . 1993 Chabaud. Meurer (post-quantum).

Recommend

McBits: Objectives fast constant-time Set new speed records code-based cryptography for

McBits: Objectives fast constant-time Set new speed records code-based cryptography for

McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work

969 views • 94 slides
McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven,

McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven,

McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven, The Netherlands October 13, 2015 Joint work with Daniel J. Bernstein and Peter Schwabe Outline Summary of Our Work Background Main

439 views • 32 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

823 views • 46 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

643 views • 52 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

625 views • 41 slides
McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at

McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at

McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University

902 views • 43 slides
Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1

Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1

Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1 University of Illinois at Chicago 2 Ruhr Universt at Bochum 3 Academia Sinica Monday, August 26, 2019 Summary: Fast, Safe GCD and Inversions

431 views • 23 slides
Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in

Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in

Mathematical Physics Constant Speed Motion 2019-02-06 www.njctl.org Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in One Dimension Formulas and Solving Problems Constant Speed

2.07k views • 182 slides
Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on

Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on

Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on ARM Cortex-M Alexandre Adomnicai 1,2 Zakaria Najm 1,2,3 Thomas Peyrin 1,2 1 Nanyang Technological University, Singapore 2 Temasek Laboratories,

457 views • 34 slides
SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic

SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic

SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic field points out of the page . What happens to the electrons in the bar (in the frame of the moving bar)? A. Nothing B. They move upward C. They

210 views • 4 slides
High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering:

High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering:

High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering: Design programming environment to minimize programmer time. Environment is now constant. Write tons of software. Software is now constant. Try

389 views • 4 slides
Moves 6 meters every second E Slide 2 / 57 2 A toy car moves 8 m in 4 s at the constant

Moves 6 meters every second E Slide 2 / 57 2 A toy car moves 8 m in 4 s at the constant

Slide 1 / 57 1 An object moves at a constant speed of 6 m/s. This means that the object: Increases its speed by 6 m/s every second A Decreases its speed by 6 m/s every second B Doesnt move C Has a positive acceleration D Moves 6

962 views • 57 slides
Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!)

Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!)

Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!) Riad S. Wahby, Dan Boneh Stanford December 3 rd , 2019 Motivation Our initial motivation: BLS signatures [BLS01] Motivation Our initial

1.38k views • 126 slides
DC Motor Control To maintain constant speed Even after Motor Power is re- Motor Power duced the

DC Motor Control To maintain constant speed Even after Motor Power is re- Motor Power duced the

DC Motor Control PWM Cog DC Motor Control Input Cog Desired Speed Position Destination Count Cog Quadrature Encoder Speed Cog Proportional w Inertia DC Motor Control To maintain constant speed Even after Motor Power is re- Motor

554 views • 9 slides
Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in

Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in

Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in physical behavior field Marta Karas Nov 5, 2019 Outline Fast time-series processing Rolling statistics Speed-up rolling mean/sd/var

413 views • 23 slides
DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to

DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to

DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to heavy weight cargo we ship it worldwide at express speed. Whether by special courier or direct delivery, with DSV XPress your shipment is

444 views • 11 slides
The Need for Speed: Fast and Equitable Grading of Essays A Presentation by the Academic Writing

The Need for Speed: Fast and Equitable Grading of Essays A Presentation by the Academic Writing

The Need for Speed: Fast and Equitable Grading of Essays A Presentation by the Academic Writing Centre and Writing Tutorial Service Todays presentation Thinking about your time Brainstorm sessionWhy does grading take so long?

248 views • 8 slides
+ - Can be constant or time varying +/- indicates polarity Current Source Can be

+ - Can be constant or time varying +/- indicates polarity Current Source Can be

Review of Circuit Analysis Common Symbols Independent Sources Battery Constant voltage DC voltage source Voltage Source + - Can be constant or time varying +/- indicates polarity Current Source Can be constant or time

388 views • 14 slides
How fast would you Managing speed is at the core of Vision Zero approach Characteristics

How fast would you Managing speed is at the core of Vision Zero approach Characteristics

Nzev akce, msto, datum Nzev akce, msto, datum Introduction (1/2) Introduction (2/2) Speed = the most influential driving risk factor The study investigates the hypothesized relationship: How fast would you Managing speed is at

156 views • 3 slides
Building fast web applications Thierry Sans Users respond to speed Amazon found every 100ms

Building fast web applications Thierry Sans Users respond to speed Amazon found every 100ms

Building fast web applications Thierry Sans Users respond to speed Amazon found every 100ms of latency cost them 1% in sales Google found an extra . 5 seconds in search page generation time dropped traffic by 20% A broker could

557 views • 20 slides
Slide 1 / 42 Slide 2 / 42 1. Block 1 with a mass of 500 g moves at a constant speed of 5 m/s on

Slide 1 / 42 Slide 2 / 42 1. Block 1 with a mass of 500 g moves at a constant speed of 5 m/s on

Slide 1 / 42 Slide 2 / 42 1. Block 1 with a mass of 500 g moves at a constant speed of 5 m/s on a horizontal frictionless track and collides and sticks to a stationary block 2 mass of 1.5 kg. Block 2 is attached to an unstretched spring with a

338 views • 7 slides
CS 3700 Networks and Distributed Systems Time and Logical Clocks Revised 3/24/16 Global

CS 3700 Networks and Distributed Systems Time and Logical Clocks Revised 3/24/16 Global

CS 3700 Networks and Distributed Systems Time and Logical Clocks Revised 3/24/16 Global Time 2 In practice, we act like there is a global notion of time But, time is relative Einstein showed speed of light constant for all

1.15k views • 49 slides
1 of 30 Once Upon a Time... Constant diffusion: J = - D u u

1 of 30 Once Upon a Time... Constant diffusion: J = - D u u

1 of 30 Once Upon a Time... Constant diffusion: J = - D u u t = - J = D D u But is this truly realistic??? 2 of 30 Problems With Constant Diffusion Any initial

458 views • 32 slides
Velocity MCV4U: Calculus & Vectors Recall that speed, a measure of how fast something is

Velocity MCV4U: Calculus & Vectors Recall that speed, a measure of how fast something is

g e o m e t r i c v e c t o r s g e o m e t r i c v e c t o r s Velocity MCV4U: Calculus & Vectors Recall that speed, a measure of how fast something is travelling, is a scalar quantity. Velocity is speed with direction, and is a vector

356 views • 3 slides

More recommend