how to generalize rsa cryptanalyses
play

How to Generalize RSA Cryptanalyses Atsushi Takayasu and Noboru - PowerPoint PPT Presentation

Apr 13, 2023 β€’253 likes β€’581 views

PKC2016@Taipei How to Generalize RSA Cryptanalyses Atsushi Takayasu and Noboru Kunihiro The University of Tokyo, Japan AIST, Japan 1/19 Background 2 /19 RSA Public key: , Secret key: (, , ) Key generation: =

  1. PKC2016@Taipei How to Generalize RSA Cryptanalyses Atsushi Takayasu and Noboru Kunihiro The University of Tokyo, Japan AIST, Japan 1/19

  2. Background 2 /19

  3. RSA Public key: 𝑂, 𝑓 Secret key: (π‘ž, π‘Ÿ, 𝑒) Key generation: 𝑂 = π‘žπ‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) οƒΌ One of the most famous cryptosystems οƒΌ A number of paper study the security. 3 /19

  4. Known Attacks on RSA β€’ Small secret exponent attack: [BD00] Small secret exponent 𝑒 < 𝑂 0.292 disclose the factorization of 𝑂 . β€’ Partial key exposure attacks: [EJMW05], [TK14] The most/least significant bits of 𝑒 disclose the factorization of 𝑂 . οƒΌ These attacks are based on Coppersmith’s method. 4 /19

  5. Variants of RSA RSA Takagi RSA Prime Power RSA 𝑂, 𝑓 𝑂, 𝑓 𝑂, 𝑓 PK (π‘ž, π‘Ÿ, 𝑒) (π‘ž, π‘Ÿ, 𝑒) (π‘ž, π‘Ÿ, 𝑒) SK 𝑂 = π‘ž 𝑠 π‘Ÿ 𝑂 = π‘ž 𝑠 π‘Ÿ 𝑂 = π‘žπ‘Ÿ KG 𝑓𝑒 = 1 𝑓𝑒 = 1 𝑓𝑒 = 1 mod mod mod π‘ž π‘ βˆ’1 (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) οƒΌ The variants enable faster decryption using CRT. οƒΌ When 𝑠 = 1 , both variants are the same as RSA. 5 /19

  6. Known Attacks on the Variants RSA Takagi’s RSA Prime Power RSA Small [BD00] [IKK08] [May04], [LZPL15], Secret [Sar15] Exponent Partial [EJMW05], [HHX+14] [May04], [LZPL15], Key [TK14] [Sar15], [EKU15] Exposure οƒΌ When 𝑠 = 1 , only [IKK08] achieves the same bound as the best attacks on RSA. 6 /19

  7. Open Questions β€’ Are there better attacks on the variants that generalize the best attacks on RSA? β€’ [IKK08]’s algorithm construction is very technical and hard to follow. 7 /19

  8. Open Questions β€’ Are there better attacks on the variants that generalize the best attacks on RSA? β€’ [IKK08]’s algorithm construction is very technical and hard to follow. Are there easy-to-understand generic transformations that convert the attacks on RSA to Takagi’s RSA and the prime power RSA? 7 /19

  9. Our Results We propose transformations for both the Takagi’s RSA and the prime power RSA which are very simple and give improved results. – Simpler analyses of [IKK08], [Sar15] – Better bounds than [HHX+14], [Sar15], [EKU15] – Some evidence of optimality 8 /19

  10. PKE attacks on Takagi’s RSA (𝑠 = 2) Exposed proportion of 𝑒 [HHX+14] Our Improvements log 𝑂 𝑒 9 /19

  11. PKE attacks on Takagi’s RSA (𝑠 = 2) Exposed proportion of 𝑒 [HHX+14] Our Improvements log 𝑂 𝑒 9 /19

  12. PKE attacks on the prime power RSA (𝑠 = 2) Exposed proportion of 𝑒 [LZPL15] [Sar15] Our Improvements log 𝑂 𝑒 9 /19

  13. Coppersmith’s Method 10 /19

  14. Overview [How97] To find small roots of a bivariate modular equation β„Ž 𝑦, 𝑧 = 0 mod 𝑓 where 𝑦 < π‘Œ and 𝑧 < Y, 11 /19

  15. Overview [How97] To find small roots of a bivariate modular equation β„Ž 𝑦, 𝑧 = 0 mod 𝑓 where 𝑦 < π‘Œ and 𝑧 < Y, β€’ Generate β„Ž 1 𝑦, 𝑧 , … , β„Ž π‘œ (𝑦, 𝑧) that have the roots ) modulo 𝑓 𝑛 . (𝑦 , 𝑧 11 /19

  16. Overview [How97] To find small roots of a bivariate modular equation β„Ž 𝑦, 𝑧 = 0 mod 𝑓 where 𝑦 < π‘Œ and 𝑧 < Y, β€’ Generate β„Ž 1 𝑦, 𝑧 , … , β„Ž π‘œ (𝑦, 𝑧) that have the roots ) modulo 𝑓 𝑛 . (𝑦 , 𝑧 β€’ If integer linear combinations of β„Ž 1 𝑦, 𝑧 , … , β„Ž π‘œ (𝑦, 𝑧) β€² 𝑦, 𝑧 and β„Ž 2 β€² (𝑦, 𝑧) satisfying become β„Ž 1 < 𝑓 𝑛 , β„Ž 𝑗 β€²(π‘¦π‘Œ, 𝑧𝑍) the original roots can be recovered. 11 /19

  17. LLL Reduction to Find the Polynomials β€² 𝑦, 𝑧 and β„Ž 2 β€² (𝑦, 𝑧) that are the integer β€’ Polynomials β„Ž 1 linear combinations of β„Ž 1 𝑦, 𝑧 , … , β„Ž π‘œ (𝑦, 𝑧) and the norms of β„Ž 𝑗 β€²(π‘¦π‘Œ, 𝑧𝑍) are small. 12 /19

  18. LLL Reduction to Find the Polynomials β€² 𝑦, 𝑧 and β„Ž 2 β€² (𝑦, 𝑧) that are the integer β€’ Polynomials β„Ž 1 linear combinations of β„Ž 1 𝑦, 𝑧 , … , β„Ž π‘œ (𝑦, 𝑧) and the norms of β„Ž 𝑗 β€²(π‘¦π‘Œ, 𝑧𝑍) are small. β€’ LLL algorithm can efficiently find short lattice vectors 𝑐 1 β€² and 𝑐 2 β€² that are the integer linear combinations of 𝑐 1 , …, 𝑐 π‘œ and the Euclidean norms are small. 12 /19

  19. LLL Reduction to Find the Polynomials β€² 𝑦, 𝑧 and β„Ž 2 β€² (𝑦, 𝑧) that are the integer β€’ Polynomials β„Ž 1 linear combinations of β„Ž 1 𝑦, 𝑧 , … , β„Ž π‘œ (𝑦, 𝑧) and the norms of β„Ž 𝑗 β€²(π‘¦π‘Œ, 𝑧𝑍) are small. β€’ LLL algorithm can efficiently find short lattice vectors 𝑐 1 β€² and 𝑐 2 β€² that are the integer linear combinations of 𝑐 1 , …, 𝑐 π‘œ and the Euclidean norms are small. οƒΌ Build a lattice whose basis consists of coefficients of β„Ž 1 π‘¦π‘Œ, 𝑧𝑍 , … , β„Ž π‘œ (π‘¦π‘Œ, 𝑧𝑍) and apply the LLL. 12 /19

  20. SSE Attack on RSA [BD00] 𝑂 = π‘žπ‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) 𝑔 𝑦, 𝑧 = 1 + 𝑦 𝑂 + 1 + 𝑧 mod 𝑓 whose root (β„“, βˆ’ π‘ž + π‘Ÿ ) discloses the factorization of 𝑂 . β€’ A bivariate equation with three monomials ( 1, 𝑦, 𝑦𝑧 ) 13 /19

  21. SSE Attack on RSA [BD00] 𝑂 = π‘žπ‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) 𝑔 𝑦, 𝑧 = 1 + 𝑦 𝑂 + 1 + 𝑧 mod 𝑓 whose root (β„“, βˆ’ π‘ž + π‘Ÿ ) discloses the factorization of 𝑂 . Polynomials 𝑦 𝑗 𝑧 π‘˜ 𝑔 𝑣 𝑦, 𝑧 𝑓 π‘›βˆ’π‘£ g enerate a triangular matrix with diagonals π‘Œ 𝑗+𝑣 𝑍 π‘˜+𝑣 𝑓 π‘›βˆ’π‘£ . οƒΌ The resulting lattice constructions are well-analyzed. 13 /19

  22. SSE Attack on RSA [BD00] 𝑂 = π‘žπ‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) 𝑔 𝑦, 𝑧 = 1 + 𝑦 𝑂 + 1 + 𝑧 mod 𝑓 whose root (β„“, βˆ’ π‘ž + π‘Ÿ ) discloses the factorization of 𝑂 . Polynomials 𝑦 𝑗 𝑧 π‘˜ 𝑔 𝑣 𝑦, 𝑧 𝑓 π‘›βˆ’π‘£ g enerate a triangular matrix with diagonals π‘Œ 𝑗+𝑣 𝑍 π‘˜+𝑣 𝑓 π‘›βˆ’π‘£ . οƒΌ The resulting lattice constructions are well-analyzed. 13 /19

  23. How to Generalize the Attacks 14 /19

  24. SSE Attack on Takagi’s RSA 𝑂 = π‘ž 𝑠 π‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) 𝑔 𝑦, 𝑧 1 , 𝑧 2 = 1 + 𝑦 𝑧 1 βˆ’ 1 (𝑧 2 βˆ’ 1) mod 𝑓 whose root (β„“, π‘ž, π‘Ÿ) discloses the factorization of 𝑂 . β€’ A trivariate equation with five monomials ( 1, 𝑦, 𝑦𝑧 1 , 𝑦𝑧 2 , 𝑦𝑧 1 𝑧 2 ) 𝑠 𝑧 2 = 𝑂 β€’ Nontrivial algebraic relation 𝑧 1 15 /19

  25. SSE Attack on Takagi’s RSA 𝑂 = π‘ž 𝑠 π‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) 𝑔 𝑦, 𝑧 1 , 𝑧 2 = 1 + 𝑦 𝑧 1 βˆ’ 1 (𝑧 2 βˆ’ 1) mod 𝑓 whose root (β„“, π‘ž, π‘Ÿ) discloses the factorization of 𝑂 . Polynomials π‘˜ 𝑔 𝑣 𝑦, 𝑧 1 , 𝑧 2 𝑓 π‘›βˆ’π‘£ π‘ βˆ’1 𝑧 2 β‹… 𝑦 𝑗 𝑧 1, 𝑧 2 , 𝑧 1 𝑧 2 , … , 𝑧 1 1 g enerate a triangular matrix with (sizes of ) diagonals 𝑍 0 , 𝑍 1 , … , 𝑍 𝑠 β‹… π‘Œ 𝑗+𝑣 𝑍 π‘˜+𝑣 𝑓 π‘›βˆ’π‘£ . 15 /19

  26. SSE Attack on Takagi’s RSA 𝑂 = π‘ž 𝑠 π‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) 𝑔 𝑦, 𝑧 1 , 𝑧 2 = 1 + 𝑦 𝑧 1 βˆ’ 1 (𝑧 2 βˆ’ 1) mod 𝑓 whose root (β„“, π‘ž, π‘Ÿ) discloses the factorization of 𝑂 . Polynomials π‘˜ 𝑔 𝑣 𝑦, 𝑧 1 , 𝑧 2 𝑓 π‘›βˆ’π‘£ π‘ βˆ’1 𝑧 2 β‹… 𝑦 𝑗 𝑧 1, 𝑧 2 , 𝑧 1 𝑧 2 , … , 𝑧 1 1 g enerate a triangular matrix with (sizes of ) diagonals 𝑍 0 , 𝑍 1 , … , 𝑍 𝑠 β‹… π‘Œ 𝑗+𝑣 𝑍 π‘˜+𝑣 𝑓 π‘›βˆ’π‘£ . 15 /19

  27. SSE Attack on the prime power RSA 𝑂 = π‘ž 𝑠 π‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) π‘ βˆ’1 𝑧 1 βˆ’ 1 (𝑧 2 βˆ’ 1) mod 𝑓 𝑔 𝑦, 𝑧 1 , 𝑧 2 = 1 + 𝑦𝑧 1 whose roots (β„“, π‘ž, π‘Ÿ) offer the factorization of 𝑂 . β€’ A trivariate equation with five monomials π‘ βˆ’1 , 𝑦𝑧 1 𝑠 , 𝑦𝑧 1 π‘ βˆ’1 𝑧 2 ) ( 1, 𝑦, 𝑦𝑧 1 𝑠 𝑧 2 = 𝑂 β€’ Nontrivial algebraic relation 𝑧 1 16 /19

  28. SSE Attack on the prime power RSA 𝑂 = π‘ž 𝑠 π‘Ÿ and 𝑓𝑒 = 1 mod (π‘ž βˆ’ 1)(π‘Ÿ βˆ’ 1) π‘ βˆ’1 𝑧 1 βˆ’ 1 (𝑧 2 βˆ’ 1) mod 𝑓 𝑔 𝑦, 𝑧 1 , 𝑧 2 = 1 + 𝑦𝑧 1 whose roots (β„“, π‘ž, π‘Ÿ) offer the factorization of 𝑂 . Polynomials 𝑏 , 𝑧 1 𝑧 2 𝑏 , … , 𝑧 1 π‘ βˆ’1 𝑧 2 𝑏 , 𝑧 1 π‘ βˆ’1 𝑧 2 𝑏+1 𝑧 2 π‘˜ 𝑔 𝑣 𝑦, 𝑧 1 , 𝑧 2 𝑓 π‘›βˆ’π‘£ β‹… 𝑦 𝑗 𝑧 1 g enerate a triangular matrix with (sizes of ) diagonals 𝑍 𝑏 , 𝑍 𝑏+1 , … , 𝑍 𝑏+𝑠 β‹… π‘Œ 𝑗+𝑣 𝑍 π‘˜+𝑣 𝑓 π‘›βˆ’π‘£ . 16 /19

  29. Our Transformations PKE on RSA SSE on RSA π‘ βˆ’1 𝑧 2 1, 𝑧 2 , 𝑧 1 𝑧 2 , … , 𝑧 1 SSE on Takagi RSA PKE on Takagi RSA 17 /19

  30. Our Transformations PKE on RSA SSE on RSA 𝑏+1 𝑏 , 𝑧 1 𝑧 2 𝑏 , … , 𝑧 1 π‘ βˆ’1 𝑧 2 𝑏 , 𝑧 1 π‘ βˆ’1 𝑧 2 𝑧 2 SSE on PKE on prime power RSA prime power RSA 18 /19

  31. Conclusion β€’ We propose generic transformations that convert lattices on RSA to those on the Takagi RSA and the prime power RSA. As applications, we propose small secret exponent attacks and partial key exposure attacks on the variants. οƒΌ Further applications of our transformations? οƒΌ Better attacks can be obtained from other frameworks? 19 /19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Brief Comparison: some experimentally verified Generalize the key constraints and

A Brief Comparison: some experimentally verified Generalize the key constraints and

MN1 T. Metodiev D. Copsey F.T. Chong I.L. Chuang M. Oskin J. Kubiatowicz Motivation Many Proposed Technologies All work toward the same goal A Brief Comparison: some experimentally verified Generalize the key

361 views β€’ 5 slides
Why NLU doesnt generalize to NLG Yejin Choi Paul G. Allen School of Computer Science &amp;

Why NLU doesnt generalize to NLG Yejin Choi Paul G. Allen School of Computer Science &amp;

Why NLU doesnt generalize to NLG Yejin Choi Paul G. Allen School of Computer Science &amp; Engineering &amp; Allen Institute for Artificial Intelligence In its current form neural Why NLU doesnt generalize to NLG

801 views β€’ 68 slides
Summary The standard DFS does not generalize to more than two countries, because there is no

Summary The standard DFS does not generalize to more than two countries, because there is no

Summary The standard DFS does not generalize to more than two countries, because there is no clean way to dene the chain of comparative advantage. Eaton and Kortum (2002) generalizes DFS to a situation with many countries that

559 views β€’ 12 slides
Inductive Bias: How to generalize on novel data CS 478 - Inductive Bias 1 Non-Linear Tasks l

Inductive Bias: How to generalize on novel data CS 478 - Inductive Bias 1 Non-Linear Tasks l

Inductive Bias: How to generalize on novel data CS 478 - Inductive Bias 1 Non-Linear Tasks l Linear Regression will not generalize well to the task below l Needs a non-linear surface Could use one or our future models l Could also do a

356 views β€’ 33 slides
NORMS, INNER PRODUCTS, AND ORTHOGONALITY Vector norms Generalize the familiar concept of

NORMS, INNER PRODUCTS, AND ORTHOGONALITY Vector norms Generalize the familiar concept of

NORMS, INNER PRODUCTS, AND ORTHOGONALITY Vector norms Generalize the familiar concept of length from R 2 and R 3 to higher dimensions Cant really visualize in higher dimensions Must trust algebra Generalize the concept of

1.44k views β€’ 113 slides
SURVEYS (CONTINUED) Michael Coblenz WHY SURVEYS? Generalize your findings Shallower than

SURVEYS (CONTINUED) Michael Coblenz WHY SURVEYS? Generalize your findings Shallower than

SURVEYS (CONTINUED) Michael Coblenz WHY SURVEYS? Generalize your findings Shallower than interviews But scale much better Focus in on specific problems to work on CLARIFY TYPE OF RESPONSE How old are you? What is your date

471 views β€’ 27 slides
How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web,

How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web,

How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples Elissa M. Redmiles, Sean Kross, and Michelle L. Mazurek @eredmil1 eredmiles@cs.umd.edu 30+ papers in the Top 4 security

560 views β€’ 35 slides
Shanghai Jiaotong University How to generalize Eulerian polynomials via combinatorics and

Shanghai Jiaotong University How to generalize Eulerian polynomials via combinatorics and

Shanghai Jiaotong University How to generalize Eulerian polynomials via combinatorics and continued fractions Jiang Zeng Universit e Claude Bernard Lyon 1, France May 14, 2018, Shanghai Plan of the talk 1 Eulerian polynomials 2 q

953 views β€’ 67 slides
MANOVA and the Multivariate GLM Here we generalize the notation we learned before to the case of

MANOVA and the Multivariate GLM Here we generalize the notation we learned before to the case of

MANOVA and the Multivariate GLM Here we generalize the notation we learned before to the case of several variables within each group. MANOVA An Intuitive Introduction The Multivariate GLM Recall that our univariate GLM is = + x

657 views β€’ 14 slides
Learning to Generalize from Sparse and Underspecified Rewards Rishabh Agarwal, Chen Liang, Dale

Learning to Generalize from Sparse and Underspecified Rewards Rishabh Agarwal, Chen Liang, Dale

Proprietary + Confidential Learning to Generalize from Sparse and Underspecified Rewards Rishabh Agarwal, Chen Liang, Dale Schuurmans, Mohammad Norouzi Source: Lorem ipsum dolor sit amet, consectetur adipiscing elit. Duis non erat sem

571 views β€’ 18 slides
Trees and Martingales Multi-Step Binary Model Generalize the single-period model. Still

Trees and Martingales Multi-Step Binary Model Generalize the single-period model. Still

Trees and Martingales Multi-Step Binary Model Generalize the single-period model. Still just two assets: the stock and the risk-free bond. Still no transaction cost, nor limits on amounts of either asset. But: market is observed at

379 views β€’ 16 slides
The Empirical Data: Do infants generalize identity rules? PARTICIPANTS: 7 month old infants

The Empirical Data: Do infants generalize identity rules? PARTICIPANTS: 7 month old infants

de li de ji we ji... Pre-Wiring &amp; Pre-Training : What does a neural network need to learn truly general identity rules? Raquel G. Alhama Willem Zuidema The Empirical Data: Do infants generalize identity rules? PARTICIPANTS: 7 month old

578 views β€’ 29 slides
Lecture 8 AR, MA, and ARMA Models 9/27/2018 1 AR models AR(p) models We can generalize from

Lecture 8 AR, MA, and ARMA Models 9/27/2018 1 AR models AR(p) models We can generalize from

Lecture 8 AR, MA, and ARMA Models 9/27/2018 1 AR models AR(p) models We can generalize from an AR(1) to an AR(p) model by simply adding additional autoregressive terms to the model. () =1 What are the

598 views β€’ 36 slides
ECML 2015 Big Targets Workshop Paul Mineiro Paul Mineiro ECML 2015 Big Targets Workshop How can

ECML 2015 Big Targets Workshop Paul Mineiro Paul Mineiro ECML 2015 Big Targets Workshop How can

How can we generalize well? ECML 2015 Big Targets Workshop Paul Mineiro Paul Mineiro ECML 2015 Big Targets Workshop How can we generalize well? Extreme Challenges How can we generalize well? Can we compete with OAA? When can we predict

398 views β€’ 18 slides
Good Machine Learning = Generalization Goal of machine learning: build models that generalize

Good Machine Learning = Generalization Goal of machine learning: build models that generalize

Good Machine Learning = Generalization Goal of machine learning: build models that generalize well to predicting new data Overfitting: fitting the training data too well, so we lose generality of model o Example: linear regression vs.

120 views β€’ 11 slides
Dawn Song dawnsong@cs.berkeley.edu 1 Bouncer: Securing Software by Blocking Bad Input 2 Main

Dawn Song dawnsong@cs.berkeley.edu 1 Bouncer: Securing Software by Blocking Bad Input 2 Main

Automatic Worm Defense (II) -- More on Automatic Signature Generation Dawn Song dawnsong@cs.berkeley.edu 1 Bouncer: Securing Software by Blocking Bad Input 2 Main Idea How to generalize from original exploit? i.e., how to generalize from

656 views β€’ 6 slides
Bijections for tree-decorated map and applications to random maps. Luis Fredes (Work in progress

Bijections for tree-decorated map and applications to random maps. Luis Fredes (Work in progress

Bijections for tree-decorated map and applications to random maps. Luis Fredes (Work in progress with Avelio Seplveda (Univ. Lyon 1)) LIX 2019 Luis Fredes (Universit de Bordeaux) Tree-decorated maps 1 / 30 MAPS Luis Fredes (Universit

914 views β€’ 57 slides
Today Finish Euclid. Bijection/CRT/Isomorphism. Fermats Little Theorem. 1 / 27 More

Today Finish Euclid. Bijection/CRT/Isomorphism. Fermats Little Theorem. 1 / 27 More

Today Finish Euclid. Bijection/CRT/Isomorphism. Fermats Little Theorem. 1 / 27 More divisibility Notation: d | x means d divides x or x = kd for some integer k . Lemma 1: If d | x and d | y then d | y and d | mod ( x , y ) . Proof:

548 views β€’ 27 slides
Improved CRT Algorithm for class polynomials in genus 2 01/08/2012 (Microsoft Research) Kristin

Improved CRT Algorithm for class polynomials in genus 2 01/08/2012 (Microsoft Research) Kristin

Improved CRT Algorithm for class polynomials in genus 2 01/08/2012 (Microsoft Research) Kristin Lauter 1 , Damien Robert 2 1 Microsoft Research 2 LFANT Team, INRIA Bordeaux Sud-Ouest Class polynomials Cryptographic application: if the class

508 views β€’ 29 slides
UMBC A B M A L T F O U M B C I M Y O R T 1 (Nov. 19, 2001) I E S R C E O

UMBC A B M A L T F O U M B C I M Y O R T 1 (Nov. 19, 2001) I E S R C E O

Advanced VLSI Design Combination Logic Design IV CMSC 613 Dynamic Logic Dynamic logic reduces the fan-in, similar to pseudo-NMOS, without the static power consumption. M p Out A B C M p = + Out A In 1 C In 2 B PDN In 3

490 views β€’ 21 slides
CRT Produces Long-term Improvements in Disease Progression in Mildly Symptomatic Heart Failure

CRT Produces Long-term Improvements in Disease Progression in Mildly Symptomatic Heart Failure

CRT Produces Long-term Improvements in Disease Progression in Mildly Symptomatic Heart Failure Patients: Five-year results from the REsynchronization reVErses Remodeling in Systolic left vEntricular dysfunction (REVERSE) study Cecilia Linde,

720 views β€’ 19 slides
Summary, perspectives, Q&amp;A Dmitri Svergun, EMBL-Hamburg Biological SAXS at ICAN in Moscow

Summary, perspectives, Q&amp;A Dmitri Svergun, EMBL-Hamburg Biological SAXS at ICAN in Moscow

Summary, perspectives, Q&amp;A Dmitri Svergun, EMBL-Hamburg Biological SAXS at ICAN in Moscow Prof. Lev A.Feigin, leader of the Acad. Boris K. Vainshtein, group (then sector, then ICAN director and Head of the laboratory) of

409 views β€’ 38 slides
HPC AND IN THE DATA CENTER Peter Messmer, DATE 2019, March 27 2019 RISE OF GPU COMPUTING 1000X

HPC AND IN THE DATA CENTER Peter Messmer, DATE 2019, March 27 2019 RISE OF GPU COMPUTING 1000X

GPU ACCELERATED COMPUTING IN HPC AND IN THE DATA CENTER Peter Messmer, DATE 2019, March 27 2019 RISE OF GPU COMPUTING 1000X GPU-Computing perf 10 7 by 1.5X per year APPLICATIONS 2025 10 6 ALGORITHMS 1.1X per year 10 5 10 4 SYSTEMS 10 3

479 views β€’ 27 slides
The Revolution in Experimental and Observational Science: The Convergence of Data-Intensive and

The Revolution in Experimental and Observational Science: The Convergence of Data-Intensive and

The Revolution in Experimental and Observational Science: The Convergence of Data-Intensive and Compute-Intensive Infrastructure Tony Hey Chief Data Scientist STFC tony.hey@stfc.ac.uk UK Science and Technology Facilities Council (STFC)

532 views β€’ 28 slides

More recommend