mcbits objectives fast constant time set new speed
play

McBits: Objectives fast constant-time Set new speed records - PowerPoint PPT Presentation

Oct 07, 2023 •29 likes •969 views

McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work

  1. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  2. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  3. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  4. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven ✿ ✿ ✿ including full protection Joint work with: against cache-timing attacks, Tung Chou branch-prediction attacks, etc. Technische Universiteit Eindhoven Peter Schwabe Radboud University Nijmegen

  5. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven ✿ ✿ ✿ including full protection Joint work with: against cache-timing attacks, Tung Chou branch-prediction attacks, etc. Technische Universiteit Eindhoven ✿ ✿ ✿ using code-based crypto Peter Schwabe with a solid track record. Radboud University Nijmegen

  6. McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. (to appear at CHES 2013) ✿ ✿ ✿ at a high security level. D. J. Bernstein ✿ ✿ ✿ including protection University of Illinois at Chicago & against quantum computers. Technische Universiteit Eindhoven ✿ ✿ ✿ including full protection Joint work with: against cache-timing attacks, Tung Chou branch-prediction attacks, etc. Technische Universiteit Eindhoven ✿ ✿ ✿ using code-based crypto Peter Schwabe with a solid track record. Radboud University Nijmegen ✿ ✿ ✿ all of the above at once .

  7. McBits: Objectives Examples constant-time Set new speed records Some cycle de-based cryptography for public-key cryptography. (Intel Co appear at CHES 2013) from bench.cr.yp.to ✿ ✿ ✿ at a high security level. Bernstein mceliece ✿ ✿ ✿ including protection University of Illinois at Chicago & (2008 Bisw against quantum computers. echnische Universiteit Eindhoven gls254 DH ✿ ✿ ✿ including full protection (binary elliptic ork with: against cache-timing attacks, kumfp127g Chou branch-prediction attacks, etc. (hyperelliptic; echnische Universiteit Eindhoven curve25519 ✿ ✿ ✿ using code-based crypto (conservative Schwabe with a solid track record. mceliece oud University Nijmegen ✿ ✿ ✿ all of the above at once . ronald1024

  8. Objectives Examples of the comp constant-time Set new speed records Some cycle counts cryptography for public-key cryptography. (Intel Core i5-3210M, CHES 2013) from bench.cr.yp.to ✿ ✿ ✿ at a high security level. mceliece encrypt ✿ ✿ ✿ including protection Illinois at Chicago & (2008 Biswas–Sendri against quantum computers. Universiteit Eindhoven gls254 DH ✿ ✿ ✿ including full protection (binary elliptic curve; against cache-timing attacks, kumfp127g DH branch-prediction attacks, etc. (hyperelliptic; Euro Universiteit Eindhoven curve25519 DH ✿ ✿ ✿ using code-based crypto (conservative elliptic with a solid track record. mceliece decrypt University Nijmegen ✿ ✿ ✿ all of the above at once . ronald1024 decrypt

  9. Objectives Examples of the competition Set new speed records Some cycle counts on h9ivy for public-key cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : ✿ ✿ ✿ at a high security level. mceliece encrypt ✿ ✿ ✿ including protection (2008 Biswas–Sendrier, 2 80 ) Chicago & against quantum computers. Eindhoven gls254 DH ✿ ✿ ✿ including full protection (binary elliptic curve; CHES against cache-timing attacks, kumfp127g DH 116944 branch-prediction attacks, etc. (hyperelliptic; Eurocrypt 2013) Eindhoven curve25519 DH 182632 ✿ ✿ ✿ using code-based crypto (conservative elliptic curve) with a solid track record. mceliece decrypt 1219344 Nijmegen ✿ ✿ ✿ all of the above at once . ronald1024 decrypt 1340040

  10. Objectives Examples of the competition Set new speed records Some cycle counts on h9ivy for public-key cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : ✿ ✿ ✿ at a high security level. mceliece encrypt 61440 ✿ ✿ ✿ including protection (2008 Biswas–Sendrier, 2 80 ) against quantum computers. gls254 DH 77468 ✿ ✿ ✿ including full protection (binary elliptic curve; CHES 2013) against cache-timing attacks, kumfp127g DH 116944 branch-prediction attacks, etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ using code-based crypto (conservative elliptic curve) with a solid track record. mceliece decrypt 1219344 ✿ ✿ ✿ all of the above at once . ronald1024 decrypt 1340040

  11. Objectives Examples of the competition New dec new speed records Some cycle counts on h9ivy ( ♥❀ t ) = (4096 ❀ public-key cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : a high security level. ✿ ✿ ✿ mceliece encrypt 61440 ✿ ✿ ✿ including protection (2008 Biswas–Sendrier, 2 80 ) against quantum computers. gls254 DH 77468 ✿ ✿ ✿ including full protection (binary elliptic curve; CHES 2013) against cache-timing attacks, kumfp127g DH 116944 ranch-prediction attacks, etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ using code-based crypto (conservative elliptic curve) solid track record. mceliece decrypt 1219344 ✿ ✿ ✿ of the above at once . ronald1024 decrypt 1340040

  12. Examples of the competition New decoding speeds records Some cycle counts on h9ivy ( ♥❀ t ) = (4096 ❀ 41); cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : security level. ✿ ✿ ✿ mceliece encrypt 61440 ✿ ✿ ✿ rotection (2008 Biswas–Sendrier, 2 80 ) computers. gls254 DH 77468 ✿ ✿ ✿ full protection (binary elliptic curve; CHES 2013) cache-timing attacks, kumfp127g DH 116944 rediction attacks, etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ de-based crypto (conservative elliptic curve) track record. mceliece decrypt 1219344 ✿ ✿ ✿ ove at once . ronald1024 decrypt 1340040

  13. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 securit Some cycle counts on h9ivy cryptography. (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : level. ✿ ✿ ✿ mceliece encrypt 61440 ✿ ✿ ✿ (2008 Biswas–Sendrier, 2 80 ) ers. gls254 DH 77468 ✿ ✿ ✿ rotection (binary elliptic curve; CHES 2013) attacks, kumfp127g DH 116944 etc. (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 ✿ ✿ ✿ crypto (conservative elliptic curve) mceliece decrypt 1219344 ✿ ✿ ✿ once . ronald1024 decrypt 1340040

  14. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 security: Some cycle counts on h9ivy (Intel Core i5-3210M, Ivy Bridge) from bench.cr.yp.to : mceliece encrypt 61440 (2008 Biswas–Sendrier, 2 80 ) gls254 DH 77468 (binary elliptic curve; CHES 2013) kumfp127g DH 116944 (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 (conservative elliptic curve) mceliece decrypt 1219344 ronald1024 decrypt 1340040

  15. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 security: Some cycle counts on h9ivy (Intel Core i5-3210M, Ivy Bridge) 60493 Ivy Bridge cycles. from bench.cr.yp.to : Talk will focus on this case. mceliece encrypt (Decryption is slightly slower: 61440 (2008 Biswas–Sendrier, 2 80 ) includes hash, cipher, MAC.) gls254 DH 77468 (binary elliptic curve; CHES 2013) kumfp127g DH 116944 (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 (conservative elliptic curve) mceliece decrypt 1219344 ronald1024 decrypt 1340040

  16. Examples of the competition New decoding speeds ( ♥❀ t ) = (4096 ❀ 41); 2 128 security: Some cycle counts on h9ivy (Intel Core i5-3210M, Ivy Bridge) 60493 Ivy Bridge cycles. from bench.cr.yp.to : Talk will focus on this case. mceliece encrypt (Decryption is slightly slower: 61440 (2008 Biswas–Sendrier, 2 80 ) includes hash, cipher, MAC.) gls254 DH 77468 ( ♥❀ t ) = (2048 ❀ 32); 2 80 security: (binary elliptic curve; CHES 2013) 26544 Ivy Bridge cycles. kumfp127g DH 116944 (hyperelliptic; Eurocrypt 2013) curve25519 DH 182632 (conservative elliptic curve) mceliece decrypt 1219344 ronald1024 decrypt 1340040

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

McBits: Objectives fast constant-time Set new speed records code-based cryptography for

McBits: Objectives fast constant-time Set new speed records code-based cryptography for

McBits: Objectives fast constant-time Set new speed records code-based cryptography for public-key cryptography. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou

746 views • 73 slides
McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven,

McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven,

McBits: fast constant-time code-based cryptography Tung Chou Technische Universiteit Eindhoven, The Netherlands October 13, 2015 Joint work with Daniel J. Bernstein and Peter Schwabe Outline Summary of Our Work Background Main

439 views • 32 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

823 views • 46 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

643 views • 52 slides
McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein

McBits: fast constant-time code-based cryptography (to appear at CHES 2013) D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter

625 views • 41 slides
McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at

McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at

McBits: fast constant-time code-based cryptography D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou Technische Universiteit Eindhoven Peter Schwabe Radboud University

902 views • 43 slides
Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1

Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1

Fast Constant-Time GCD Computation and Modular Inversion Daniel J. Bernstein 1,2 Bo-Yin Yang 3 1 University of Illinois at Chicago 2 Ruhr Universt at Bochum 3 Academia Sinica Monday, August 26, 2019 Summary: Fast, Safe GCD and Inversions

431 views • 23 slides
Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in

Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in

Mathematical Physics Constant Speed Motion 2019-02-06 www.njctl.org Table of Contents: Constant Speed Motion Click on the topic to go to that section. Motion in One Dimension Formulas and Solving Problems Constant Speed

2.07k views • 182 slides
Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on

Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on

Fixslicing: A New GIFT Representation Fast Constant-Time Implementations of GIFT and GIFT-COFB on ARM Cortex-M Alexandre Adomnicai 1,2 Zakaria Najm 1,2,3 Thomas Peyrin 1,2 1 Nanyang Technological University, Singapore 2 Temasek Laboratories,

457 views • 34 slides
SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic

SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic

SURFACE CHARGE IS REAL A metal bar moves with constant speed to the right . A constant magnetic field points out of the page . What happens to the electrons in the bar (in the frame of the moving bar)? A. Nothing B. They move upward C. They

210 views • 4 slides
High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering:

High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering:

High-speed engineering of high-speed software D. J. Bernstein Traditional software engineering: Design programming environment to minimize programmer time. Environment is now constant. Write tons of software. Software is now constant. Try

389 views • 4 slides
Moves 6 meters every second E Slide 2 / 57 2 A toy car moves 8 m in 4 s at the constant

Moves 6 meters every second E Slide 2 / 57 2 A toy car moves 8 m in 4 s at the constant

Slide 1 / 57 1 An object moves at a constant speed of 6 m/s. This means that the object: Increases its speed by 6 m/s every second A Decreases its speed by 6 m/s every second B Doesnt move C Has a positive acceleration D Moves 6

962 views • 57 slides
Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!)

Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!)

Fast and simple constant-time hashing to the BLS12-381 elliptic curve (and other curves, too!) Riad S. Wahby, Dan Boneh Stanford December 3 rd , 2019 Motivation Our initial motivation: BLS signatures [BLS01] Motivation Our initial

1.38k views • 126 slides
DC Motor Control To maintain constant speed Even after Motor Power is re- Motor Power duced the

DC Motor Control To maintain constant speed Even after Motor Power is re- Motor Power duced the

DC Motor Control PWM Cog DC Motor Control Input Cog Desired Speed Position Destination Count Cog Quadrature Encoder Speed Cog Proportional w Inertia DC Motor Control To maintain constant speed Even after Motor Power is re- Motor

554 views • 9 slides
Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in

Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in

Methods for fast processing of time-series: runstats R package 3rd webinar OSS developers in physical behavior field Marta Karas Nov 5, 2019 Outline Fast time-series processing Rolling statistics Speed-up rolling mean/sd/var

413 views • 23 slides
DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to

DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to

DSV XPress fast, flexible, efficient and on time Air & Sea DSV XPress From documents to heavy weight cargo we ship it worldwide at express speed. Whether by special courier or direct delivery, with DSV XPress your shipment is

444 views • 11 slides
Efficient implementation of Objectives code-based cryptography Set new speed records D. J.

Efficient implementation of Objectives code-based cryptography Set new speed records D. J.

Efficient implementation of Objectives code-based cryptography Set new speed records D. J. Bernstein for public-key cryptography. University of Illinois at Chicago & Technische Universiteit Eindhoven Joint work with: Tung Chou

868 views • 73 slides
Cu Curric iculum ulum Eve vening ning Year 5 5 201 019-2020 2020 Classroom Routines,

Cu Curric iculum ulum Eve vening ning Year 5 5 201 019-2020 2020 Classroom Routines,

Cu Curric iculum ulum Eve vening ning Year 5 5 201 019-2020 2020 Classroom Routines, Staff and Timetable PE Kit/ Uniform expectations PE Days Wednesday and Friday for this half term. Library change Thursday

305 views • 16 slides
Living Well Together Conferences Learning to disagree well Diana Ives, Southwell Minster

Living Well Together Conferences Learning to disagree well Diana Ives, Southwell Minster

Principles and Practice of the Living Well Together Conferences Learning to disagree well Diana Ives, Southwell Minster Education Officer www.southwellminster.org/learning www.southwellminster.org/learning

802 views • 37 slides
Welcome to Class 8!! Our classroom will be where Mr Tudors classroom has been this year, so

Welcome to Class 8!! Our classroom will be where Mr Tudors classroom has been this year, so

Welcome to Class 8!! Our classroom will be where Mr Tudors classroom has been this year, so next to the sensory room. As well as myself, we will be supported by Mrs Roberts and Mrs Ferguson, who we know really well as they were both in Year

466 views • 7 slides
Be part of the conversation! Follow APSE on Twitter and LinkedIn @apseevents @ APSE - Association

Be part of the conversation! Follow APSE on Twitter and LinkedIn @apseevents @ APSE - Association

Be part of the conversation! Follow APSE on Twitter and LinkedIn @apseevents @ APSE - Association @apsenews for Public Service Excellence www.apse.org.uk How are leisure services performing in the UK? Tuesday 28 January 2020 Debbie Johns, Head

929 views • 78 slides
COMPLEXITY OF MULTI-VALUED REGISTER SIMULATIONS: A RETROSPECTIVE Jennifer L. Welch Texas

COMPLEXITY OF MULTI-VALUED REGISTER SIMULATIONS: A RETROSPECTIVE Jennifer L. Welch Texas

COMPLEXITY OF MULTI-VALUED REGISTER SIMULATIONS: A RETROSPECTIVE Jennifer L. Welch Texas A&M University OPODIS December 2018 1 OPODIS 2018 Complexity of Multi-Valued Register Simulations The Problem Use a collection of shared

782 views • 65 slides
Data-driven Model Selection for Approximate Bayesian Computation via Multiple Logisitic

Data-driven Model Selection for Approximate Bayesian Computation via Multiple Logisitic

Data-driven Model Selection for Approximate Bayesian Computation via Multiple Logisitic Regression. Ben Rohrlach Prof. Nigel Bean, Dr Jonathan Tuke University of Adelaide November 6, 2014 Adam Rohrlach Table of Contents Introduction. 1

1.72k views • 112 slides
Interannual variation of a 12,760 km transequatorial ionospheric channel availability and its

Interannual variation of a 12,760 km transequatorial ionospheric channel availability and its

Interannual variation of a 12,760 km transequatorial ionospheric channel availability and its dependence on ionization Ferran Orga 1 , David Altadill 2 , Marcos Hervs 1 and Rosa Ma Alsina-Pags 1 1 GTM Grup de Recerca en Tecnologies Mdia,

331 views • 11 slides

More recommend