mcbits objectives fast constant time set new speed
play

McBits: Objectives fast constant-time Set new speed records - PowerPoint PPT Presentation

Oct 07, 2023 •29 likes •969 views

McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work

  1. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  2. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  3. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  4. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven ✿ ✿ ✿ including full protection Joint work with: against cache-timing attacks, Tung Chou branch-prediction attacks, etc. Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  5. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven ✿ ✿ ✿ including full protection Joint work with: against cache-timing attacks, Tung Chou branch-prediction attacks, etc. Technische Universiteit Eindhoven ✿ ✿ ✿ using code-based crypto Peter Schwabe with a solid track record. Radboud University Nijmegen

  6. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven ✿ ✿ ✿ including full protection Joint work with: against cache-timing attacks, Tung Chou branch-prediction attacks, etc. Technische Universiteit Eindhoven ✿ ✿ ✿ using code-based crypto Peter Schwabe with a solid track record. Radboud University Nijmegen ✿ ✿ ✿ all of the above at once .

  7. McBits: Objectives Examples constant-time Set new speed records Some cycle de-based cryptography for public-key cryptography. (Intel Co appear at CHES 2013) from bench.cr.yp.to ✿ ✿ ✿ at a high security level. Bernstein mceliece ✿ ✿ ✿ including protection University of Illinois at Chicago & (2008 Bisw against quantum computers. echnische Universiteit Eindhoven gls254 DH ✿ ✿ ✿ including full protection (binary elliptic ork with: against cache-timing attacks, kumfp127g Chou branch-prediction attacks, etc. (hyperelliptic; echnische Universiteit Eindhoven curve25519 ✿ ✿ ✿ using code-based crypto (conservative Schwabe with a solid track record. mceliece oud University Nijmegen ✿ ✿ ✿ all of the above at once . ronald1024

  8. Objectives Examples of the comp constant-time Set new speed records Some cycle counts cryptography for public-key cryptography. (Intel Core i5-3210M, CHES 2013) from bench.cr.yp.to ✿ ✿ ✿ at a high security level. mceliece encrypt ✿ ✿ ✿ including protection Illinois at Chicago & (2008 Biswas–Sendri against quantum computers. Universiteit Eindhoven gls254 DH ✿ ✿ ✿ including full protection (binary elliptic curve; against cache-timing attacks, kumfp127g DH branch-prediction attacks, etc. (hyperelliptic; Euro Universiteit Eindhoven curve25519 DH ✿ ✿ ✿ using code-based crypto (conservative elliptic with a solid track record. mceliece decrypt University Nijmegen ✿ ✿ ✿ all of the above at once . ronald1024 decrypt

  9. Objectives Examples of the competition Set new speed records Some cycle counts on h9ivy for public-key cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : ✿ ✿ ✿ at a high security level. mceliece encrypt ✿ ✿ ✿ including protection (2008 Biswas–Sendrier, 2 80 ) Chicago & against quantum computers. Eindhoven gls254 DH ✿ ✿ ✿ including full protection (binary elliptic curve; CHES against cache-timing attacks, kumfp127g DH 116944 branch-prediction attacks, etc. (hyperelliptic; Eurocrypt 2013) Eindhoven curve25519 DH 182632 ✿ ✿ ✿ using code-based crypto (conservative elliptic curve) with a solid track record. mceliece decrypt 1219344 Nijmegen ✿ ✿ ✿ all of the above at once . ronald1024 decrypt 1340040

  10. Objectives Examples of the competition Set new speed records Some cycle counts on h9ivy for public-key cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : ✿ ✿ ✿ at a high security level. mceliece encrypt 61440 ✿ ✿ ✿ including protection (2008 Biswas–Sendrier, 2 80 ) against quantum computers. gls254 DH 77468 ✿ ✿ ✿ including full protection (binary elliptic curve; CHES 2013) against cache-timing attacks, kumfp127g DH 116944 branch-prediction attacks, etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ using code-based crypto (conservative elliptic curve) with a solid track record. mceliece decrypt 1219344 ✿ ✿ ✿ all of the above at once . ronald1024 decrypt 1340040

  11. Objectives Examples of the competition New dec new speed records Some cycle counts on h9ivy ( ♥❀ t ) = (4096 ❀ public-key cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : a high security level. ✿ ✿ ✿ mceliece encrypt 61440 ✿ ✿ ✿ including protection (2008 Biswas–Sendrier, 2 80 ) against quantum computers. gls254 DH 77468 ✿ ✿ ✿ including full protection (binary elliptic curve; CHES 2013) against cache-timing attacks, kumfp127g DH 116944 ranch-prediction attacks, etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ using code-based crypto (conservative elliptic curve) solid track record. mceliece decrypt 1219344 ✿ ✿ ✿ of the above at once . ronald1024 decrypt 1340040

  12. Examples of the competition New decoding speeds records Some cycle counts on h9ivy ( ♥❀ t ) = (4096 ❀ 41); cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : security level. ✿ ✿ ✿ mceliece encrypt 61440 ✿ ✿ ✿ rotection (2008 Biswas–Sendrier, 2 80 ) computers. gls254 DH 77468 ✿ ✿ ✿ full protection (binary elliptic curve; CHES 2013) cache-timing attacks, kumfp127g DH 116944 rediction attacks, etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ de-based crypto (conservative elliptic curve) track record. mceliece decrypt 1219344 ✿ ✿ ✿ ove at once . ronald1024 decrypt 1340040

  13. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 securit Some cycle counts on h9ivy cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : level. ✿ ✿ ✿ mceliece encrypt 61440 ✿ ✿ ✿ (2008 Biswas–Sendrier, 2 80 ) ers. gls254 DH 77468 ✿ ✿ ✿ rotection (binary elliptic curve; CHES 2013) attacks, kumfp127g DH 116944 etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ crypto (conservative elliptic curve) mceliece decrypt 1219344 ✿ ✿ ✿ once . ronald1024 decrypt 1340040

  14. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 security: Some cycle counts on h9ivy (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : mceliece encrypt 61440 (2008 Biswas–Sendrier, 2 80 ) gls254 DH 77468 (binary elliptic curve; CHES 2013) kumfp127g DH 116944 (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 (conservative elliptic curve) mceliece decrypt 1219344 ronald1024 decrypt 1340040

  15. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 security: Some cycle counts on h9ivy (Intel Core i5-3210M, Ivy Bridge) 60493 Ivy Bridge cycles. from bench.cr.yp.to : Talk will focus on this case. mceliece encrypt (Decryption is slightly slower: 61440 (2008 Biswas–Sendrier, 2 80 ) includes hash, cipher, MAC.) gls254 DH 77468 (binary elliptic curve; CHES 2013) kumfp127g DH 116944 (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 (conservative elliptic curve) mceliece decrypt 1219344 ronald1024 decrypt 1340040

  16. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 security: Some cycle counts on h9ivy (Intel Core i5-3210M, Ivy Bridge) 60493 Ivy Bridge cycles. from bench.cr.yp.to : Talk will focus on this case. mceliece encrypt (Decryption is slightly slower: 61440 (2008 Biswas–Sendrier, 2 80 ) includes hash, cipher, MAC.) gls254 DH 77468 ( ♥❀ t ) = (2048 ❀ 32); 2 80 security: (binary elliptic curve; CHES 2013) 26544 Ivy Bridge cycles. kumfp127g DH 116944 (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 (conservative elliptic curve) mceliece decrypt 1219344 ronald1024 decrypt 1340040

Recommend

McBits: Objectives fast constant-time Set new speed records code-based cryptography for

McBits: Objectives fast constant-time Set new speed records code-based cryptography for

McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou

746 views • 73 slides
McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven,

McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven,

McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven, The Netherlands October 13, 2015 Joint work with Daniel J. Bernstein and Peter Schwabe Outline Summary of Our Work Background Main

439 views • 32 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

823 views • 46 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

643 views • 52 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

625 views • 41 slides
McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at

McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at

McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University

902 views • 43 slides
Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1

Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1

Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1 University of Illinois at Chicago 2 Ruhr Universt at Bochum 3 Academia Sinica Monday, August 26, 2019 Summary: Fast, Safe GCD and Inversions

431 views • 23 slides
Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in

Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in

Mathematical Physics Constant Speed Motion 2019-02-06 www.njctl.org Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in One Dimension Formulas and Solving Problems Constant Speed

2.07k views • 182 slides
Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on

Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on

Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on ARM Cortex-M Alexandre Adomnicai 1,2 Zakaria Najm 1,2,3 Thomas Peyrin 1,2 1 Nanyang Technological University, Singapore 2 Temasek Laboratories,

457 views • 34 slides
SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic

SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic

SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic field points out of the page . What happens to the electrons in the bar (in the frame of the moving bar)? A. Nothing B. They move upward C. They

210 views • 4 slides
High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering:

High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering:

High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering: Design programming environment to minimize programmer time. Environment is now constant. Write tons of software. Software is now constant. Try

389 views • 4 slides
Moves 6 meters every second E Slide 2 / 57 2 A toy car moves 8 m in 4 s at the constant

Moves 6 meters every second E Slide 2 / 57 2 A toy car moves 8 m in 4 s at the constant

Slide 1 / 57 1 An object moves at a constant speed of 6 m/s. This means that the object: Increases its speed by 6 m/s every second A Decreases its speed by 6 m/s every second B Doesnt move C Has a positive acceleration D Moves 6

962 views • 57 slides
Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!)

Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!)

Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!) Riad S. Wahby, Dan Boneh Stanford December 3 rd , 2019 Motivation Our initial motivation: BLS signatures [BLS01] Motivation Our initial

1.38k views • 126 slides
DC Motor Control To maintain constant speed Even after Motor Power is re- Motor Power duced the

DC Motor Control To maintain constant speed Even after Motor Power is re- Motor Power duced the

DC Motor Control PWM Cog DC Motor Control Input Cog Desired Speed Position Destination Count Cog Quadrature Encoder Speed Cog Proportional w Inertia DC Motor Control To maintain constant speed Even after Motor Power is re- Motor

554 views • 9 slides
Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in

Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in

Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in physical behavior field Marta Karas Nov 5, 2019 Outline Fast time-series processing Rolling statistics Speed-up rolling mean/sd/var

413 views • 23 slides
DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to

DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to

DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to heavy weight cargo we ship it worldwide at express speed. Whether by special courier or direct delivery, with DSV XPress your shipment is

444 views • 11 slides
The Need for Speed: Fast and Equitable Grading of Essays A Presentation by the Academic Writing

The Need for Speed: Fast and Equitable Grading of Essays A Presentation by the Academic Writing

The Need for Speed: Fast and Equitable Grading of Essays A Presentation by the Academic Writing Centre and Writing Tutorial Service Todays presentation Thinking about your time Brainstorm sessionWhy does grading take so long?

248 views • 8 slides
+ - Can be constant or time varying +/- indicates polarity Current Source Can be

+ - Can be constant or time varying +/- indicates polarity Current Source Can be

Review of Circuit Analysis Common Symbols Independent Sources Battery Constant voltage DC voltage source Voltage Source + - Can be constant or time varying +/- indicates polarity Current Source Can be constant or time

388 views • 14 slides
How fast would you Managing speed is at the core of Vision Zero approach Characteristics

How fast would you Managing speed is at the core of Vision Zero approach Characteristics

Nzev akce, msto, datum Nzev akce, msto, datum Introduction (1/2) Introduction (2/2) Speed = the most influential driving risk factor The study investigates the hypothesized relationship: How fast would you Managing speed is at

156 views • 3 slides
Building fast web applications Thierry Sans Users respond to speed Amazon found every 100ms

Building fast web applications Thierry Sans Users respond to speed Amazon found every 100ms

Building fast web applications Thierry Sans Users respond to speed Amazon found every 100ms of latency cost them 1% in sales Google found an extra . 5 seconds in search page generation time dropped traffic by 20% A broker could

557 views • 20 slides
Slide 1 / 42 Slide 2 / 42 1. Block 1 with a mass of 500 g moves at a constant speed of 5 m/s on

Slide 1 / 42 Slide 2 / 42 1. Block 1 with a mass of 500 g moves at a constant speed of 5 m/s on

Slide 1 / 42 Slide 2 / 42 1. Block 1 with a mass of 500 g moves at a constant speed of 5 m/s on a horizontal frictionless track and collides and sticks to a stationary block 2 mass of 1.5 kg. Block 2 is attached to an unstretched spring with a

338 views • 7 slides
CS 3700 Networks and Distributed Systems Time and Logical Clocks Revised 3/24/16 Global

CS 3700 Networks and Distributed Systems Time and Logical Clocks Revised 3/24/16 Global

CS 3700 Networks and Distributed Systems Time and Logical Clocks Revised 3/24/16 Global Time 2 In practice, we act like there is a global notion of time But, time is relative Einstein showed speed of light constant for all

1.15k views • 49 slides
1 of 30 Once Upon a Time... Constant diffusion: J = - D u u

1 of 30 Once Upon a Time... Constant diffusion: J = - D u u

1 of 30 Once Upon a Time... Constant diffusion: J = - D u u t = - J = D D u But is this truly realistic??? 2 of 30 Problems With Constant Diffusion Any initial

458 views • 32 slides
Velocity MCV4U: Calculus & Vectors Recall that speed, a measure of how fast something is

Velocity MCV4U: Calculus & Vectors Recall that speed, a measure of how fast something is

g e o m e t r i c v e c t o r s g e o m e t r i c v e c t o r s Velocity MCV4U: Calculus & Vectors Recall that speed, a measure of how fast something is travelling, is a scalar quantity. Velocity is speed with direction, and is a vector

356 views • 3 slides

More recommend