ring lwe implementation
play

Ring-LWE Implementation Tobias Oder 1 , Tobias Schneider 2 , Thomas - PowerPoint PPT Presentation

Dec 23, 2023 •361 likes •736 views

Practical CCA2-Secure and Masked Ring-LWE Implementation Tobias Oder 1 , Tobias Schneider 2 , Thomas Pppelmann 3 , Tim Gneysu 1,4 1 Ruhr-University Bochum, 2 Universit Catholique de Louvain, 3 Infineon Technologies AG, 4 DFKI 10.09.2018

  1. Practical CCA2-Secure and Masked Ring-LWE Implementation Tobias Oder 1 , Tobias Schneider 2 , Thomas Pöppelmann 3 , Tim Güneysu 1,4 1 Ruhr-University Bochum, 2 Université Catholique de Louvain, 3 Infineon Technologies AG, 4 DFKI 10.09.2018 CHES 2018

  2. Motiviation CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 2

  3. Ring-LWE • NIST post-quantum standardization project • Various NIST submissions are based on Ring-LWE including – NewHope – LIMA – (Kyber) – … CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 3

  4. Ring-LWE • NIST post-quantum standardization project • Various NIST submissions are based on Ring-LWE including – NewHope – LIMA – (Kyber) – … Previous work – A masked ring-LWE implementation. O. Reparaz, S. Sinha Roy, F. Vercauteren, I. Verbauwhede. CHES 2015 – Additively homomorphic ring-LWE masking. O. Reparaz, S. Sinha Roy, R. de Clercq, F. Vercauteren, I. Verbauwhede. PQCrypto 2016 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 4

  5. CCA2-Security • Plain Ring-LWE encryption is only secure against chosen- plaintext attackers (CPA) • Many use cases require security against chosen-ciphertext attackers (CCA) • Generic Fujisaki-Okamoto transform – Assumes negligible decryption error – Tweak by Targhi and Unruh for post-quantum security [TU16] – Expensive re-encryption in decryption [TU16] E. E. Targhi and D. Unruh. Post-quantum security of the Fujisaki-Okamoto and OAEP transforms . TCC 2016 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 5

  6. CCA2-Security CCA2-secure Decryption CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 6

  7. CCA2-Security CCA2-secure Decryption CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 7

  8. CCA2-Security CCA2-secure Decryption CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 8

  9. CCA2-Security CCA2-secure Decryption CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 9

  10. Contribution CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 10

  11. Embedded Implementation • Our contribution: CCA2-secure first-order masked Ring-LWE implementation CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 11

  12. Embedded Implementation • Our contribution: CCA2-secure first-order masked Ring-LWE implementation • Target platform ARM Cortex-M4 – Constrained computing capabilities/memory CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 12

  13. Embedded Implementation • Our contribution: CCA2-secure first-order masked Ring-LWE implementation • Target platform ARM Cortex-M4 – Constrained computing capabilities/memory • Secret-independent execution time as countermeasure against timing attacks • Masking as countermeasure against Differential Power Analysis – Boolean vs. arithmetic CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 13

  14. Masking Ring-LWE Components to be masked in CCA2-secure Ring-LWE Ring-LWE CPA Encryption • PRNG/Hash 𝑏 x + 𝑑 1 BS BS BS • NTT 𝑞 𝑑 2 x + + – Polynomial multiplication 𝑛 𝑓𝑜𝑑𝑝𝑒𝑓 Ring-LWE CPA Decryption • Binomial sampler (BS) 𝑑 1 𝑒𝑓𝑑𝑝𝑒𝑓 𝑛 x + • Encoding/Decoding 𝑠 𝑑 2 1 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 14

  15. Masking Ring-LWE Components to be masked in CCA2-secure Ring-LWE Ring-LWE CPA Encryption • PRNG/Hash  [BDPVA10] 𝑏 x + 𝑑 1 BS BS BS 𝑞 𝑑 2 • NTT  straight-forward x + + – Polynomial multiplication 𝑛 𝑓𝑜𝑑𝑝𝑒𝑓 Ring-LWE CPA Decryption • Binomial sampler (BS) 𝑑 1 𝑒𝑓𝑑𝑝𝑒𝑓 𝑛 x + • Encoding/Decoding 𝑠 𝑑 2 1 [BDPVA10] Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. Building power analysis resistant implementations of Keccak . Second SHA-3 candidate conference, 2010 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 15

  16. Masking Ring-LWE Components to be masked in CCA2-secure Ring-LWE Ring-LWE CPA Encryption • PRNG/Hash  [BDPVA10] 𝑏 x + 𝑑 1 BS BS BS 𝑞 𝑑 2 • NTT  straight-forward x + + – Polynomial multiplication 𝑛 𝑓𝑜𝑑𝑝𝑒𝑓 Ring-LWE CPA Decryption • Binomial Sampler (BS) 𝑑 1 𝑒𝑓𝑑𝑝𝑒𝑓 𝑛 x + • Encoding/Decoding 𝑠 𝑑 2 1 [BDPVA10] Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. Building power analysis resistant implementations of Keccak . Second SHA-3 candidate conference, 2010 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 16

  17. Encoding CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 17

  18. Masked encoding • Encoding transforms a bit string into a polynomial – Without masking: 𝑑𝑝𝑓𝑔𝑔 = 𝑐𝑗𝑢 ⋅ ⌊𝑟 2⌋ CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 18

  19. Masked encoding • Encoding transforms a bit string into a polynomial – Without masking: 𝑑𝑝𝑓𝑔𝑔 = 𝑐𝑗𝑢 ⋅ ⌊𝑟 2⌋ – W ith 𝑐𝑗𝑢 ′ ⊕ 𝑐𝑗𝑢′′ = 𝑐𝑗𝑢: 𝑑𝑝𝑓𝑔𝑔′ = 𝑐𝑗𝑢′ ⋅ ⌊𝑟 2 ⌋ 𝑑𝑝𝑓𝑔𝑔 ′′ = 𝑐𝑗𝑢 ′′ ⋅ 𝑟 2 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 19

  20. Masked encoding • Encoding transforms a bit string into a polynomial – Without masking: 𝑑𝑝𝑓𝑔𝑔 = 𝑐𝑗𝑢 ⋅ ⌊𝑟 2⌋ – W ith 𝑐𝑗𝑢 ′ ⊕ 𝑐𝑗𝑢′′ = 𝑐𝑗𝑢: 𝑑𝑝𝑓𝑔𝑔′ = 𝑐𝑗𝑢′ ⋅ ⌊𝑟 2 ⌋ 𝑑𝑝𝑓𝑔𝑔 ′′ = 𝑐𝑗𝑢 ′′ ⋅ 𝑟 2 𝑟 𝑟 • q is a odd  2 + 2 ≠ 𝑟 Problem: Result is off by one if 𝑐𝑗𝑢 ′ = 1 and 𝑐𝑗𝑢 ′′ = 1 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 20

  21. Masked encoding Solution: Add 𝑐𝑗𝑢 ′ ⋅ 𝑐𝑗𝑢′′ to the result • Compute 𝑐𝑗𝑢 ′ ⋅ 𝑐𝑗𝑢′′ by splitting into subshares 𝑐𝑗𝑢 ′ 1 + 𝑐𝑗𝑢 ′ 2 ⋅ (𝑐𝑗𝑢 ′′(1) + 𝑐𝑗𝑢 ′′ 2 ) = 𝑐𝑗𝑢 ′(1) ⋅ 𝑐𝑗𝑢 ′′ 1 + 𝑐𝑗𝑢 ′ 1 ⋅ 𝑐𝑗𝑢 ′′ 2 + 𝑐𝑗𝑢 ′(2) ⋅ 𝑐𝑗𝑢 ′′ 1 + 𝑐𝑗𝑢 ′(2) ⋅ 𝑐𝑗𝑢 ′′ 2 • Use fresh randomness to securely sum the cross-products CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 21

  22. Decoding CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 22

  23. Masked decoding Input: Coefficient ∈ [0, 𝑟 − 1] Output: Decoded bit Idea: • Shift distribution of coefficients • Apply arithmetic-to- Boolean conversion • Extract sign bit CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 23

  24. Masked decoding Input: Coefficient ∈ [0, 𝑟 − 1] Output: Decoded bit Idea: • Shift distribution of coefficients • Apply arithmetic-to- Boolean conversion • Extract sign bit CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 24

  25. Masked decoding Input: Coefficient ∈ [0, 𝑟 − 1] Output: Decoded bit Idea: • Shift distribution of coefficients • Apply arithmetic-to- Boolean conversion • Extract sign bit CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 25

  26. Masked decoding Input: Coefficient ∈ [0, 𝑟 − 1] Output: Decoded bit Idea: • Shift distribution of coefficients • Apply arithmetic-to- Boolean conversion • Extract sign bit CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 26

  27. Binomial Sampler CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 27

  28. Masked sampler • Input : Boolean shares; Output : Arithmetic shares • Count Hamming weight as (𝑐𝑗𝑢 ′ 𝑗 ⊕ 𝑐𝑗𝑢 ′′ 𝑗 ) 7 σ 𝑗=0 𝑐𝑗𝑢 ′ 𝑗 + 𝑐𝑗𝑢 ′′ 𝑗 − 2𝑐𝑗𝑢 ′ (𝑗)𝑐𝑗𝑢′′(𝑗) 7 = σ 𝑗=0 • Compute 𝑐𝑗𝑢 ′ (𝑗) ⋅ 𝑐𝑗𝑢′′(𝑗) by splitting into subshares CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 28

  29. Results CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 29

  30. Side-Channel Evaluation T-test evaluation of the decoding (example) • Blue : first-order evaluation • Dashed red : second-order evaluation CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 30

  31. Cortex-M4 Performance • Dimension n = 1024 • Modulus q = 12289 • Standard deviation ς = 2 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 31

  32. Cortex-M4 Performance • Dimension n = 1024 • Modulus q = 12289 • Standard deviation ς = 2 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 32

  33. Cortex-M4 Performance • Dimension n = 1024 • Modulus q = 12289 • Standard deviation ς = 2 CCA2-Secure and Masked Ring-LWE | Tobias Oder | Ruhr-University Bochum | 10.09.2018 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A MASKED RING-LWE IMPLEMENTATION Oscar Reparaz, Sujoy Sinha Roy, Frederik Vercauteren, Ingrid

A MASKED RING-LWE IMPLEMENTATION Oscar Reparaz, Sujoy Sinha Roy, Frederik Vercauteren, Ingrid

A MASKED RING-LWE IMPLEMENTATION Oscar Reparaz, Sujoy Sinha Roy, Frederik Vercauteren, Ingrid Verbauwhede COSIC/KU Leuven CHES 2015, Saint-Malo, FR 1 un protected ring-LWE decryption r2 m=th[INTT(c 1 *r 2 + c 2 )] 2 un protected ring-LWE

477 views • 36 slides
Efficient Ring-LWE Encryption on 8-bit AVR Processors . Zhe Liu 1 Hwajeong Seo 2 Sujoy Sinha Roy

Efficient Ring-LWE Encryption on 8-bit AVR Processors . Zhe Liu 1 Hwajeong Seo 2 Sujoy Sinha Roy

Short Overview Ring-LWE Encryption Scheme Our Implementation Implementation Results Conclusion . Efficient Ring-LWE Encryption on 8-bit AVR Processors . Zhe Liu 1 Hwajeong Seo 2 Sujoy Sinha Roy 3 adl 1 Howon Kim 2 Ingrid Verbauwhede 3

1.4k views • 102 slides
Practical Implementation of Ring-SIS/LWE based Signature and IBE Pauline Bert, Pierre-Alain

Practical Implementation of Ring-SIS/LWE based Signature and IBE Pauline Bert, Pierre-Alain

Practical Implementation of Ring-SIS/LWE based Signature and IBE Pauline Bert, Pierre-Alain Fouque, Adeline Roux-Langlois, and Mohamed Sabt PQCrypto 2018, April 11 Univ Rennes, CNRS, IRISA 1 Identity Based Encryption Private Key Generator E

754 views • 23 slides
Virtual ring routing Virtual ring routing Some slides from http://

Virtual ring routing Virtual ring routing Some slides from http://

Virtual ring routing Virtual ring routing Some slides from http:// research.microsoft.com/en-us/um/people/antr/vrr- sigcomm06.ppt 123 VRR: the virtual ring VRR: the virtual ring topology-independent 0 FFF node identifiers, e.g., MAC

694 views • 18 slides
Ring A Vaginal Ring Containing Dapivirine for HIV-1 PrEP Ring Study: Background Study Design:

Ring A Vaginal Ring Containing Dapivirine for HIV-1 PrEP Ring Study: Background Study Design:

A Vaginal Ring Containing Dapivirine for HIV-1 PrEP Ring A Vaginal Ring Containing Dapivirine for HIV-1 PrEP Ring Study: Background Study Design: Ring Background : Randomized, double-blind, phase 3, placebo-controlled trial of a

341 views • 6 slides
lattice element example in the Recycler Ring octupole 14 0.00000 0.33083E-01 0.0000E+00

lattice element example in the Recycler Ring octupole 14 0.00000 0.33083E-01 0.0000E+00

Crystal Extraction from the Recycler Ring A.I. Drozhdin Fermi National Accelerator Laboratory P.O. Box 500, Batavia, Illinois 60510 May 31, 2012 1 Recycler Ring Lattice The choices to install the crystal in the Recycler Ring would be

427 views • 13 slides
New criteria for a ring to have a semisimple left quotient ring V. V. Bavula (University of

New criteria for a ring to have a semisimple left quotient ring V. V. Bavula (University of

New criteria for a ring to have a semisimple left quotient ring V. V. Bavula (University of Sheffield) V. V. Bavula, New criteria for a ring to have a semisim- ple left quotient ring. Arxiv:math.RA:1303.0859. talk-NewCrit-SS-lQuot.tex 1

359 views • 15 slides
A05: Quantum cr A05: Quantum crystal and ring e ystal and ring exchange change Novel magnetic

A05: Quantum cr A05: Quantum crystal and ring e ystal and ring exchange change Novel magnetic

A05: Quantum cr A05: Quantum crystal and ring e ystal and ring exchange change Novel magnetic stat No el magnetic states es induced b induced by ring e ring exchange change Members: Tsutomu Momoi (RIKEN) Kenn Kubo (Aoyama Gakuinn Univ.)

489 views • 31 slides
T / U T proves we utter the phrase Let R be a ring.. A surprising observation is that the

T / U T proves we utter the phrase Let R be a ring.. A surprising observation is that the

The generic model Nongeometric properties A systematic source A topos-theoretic Nullstellensatz This talk in a nutshell: There is a certain ring, the generic ring , which is special in that it is conserva- tive : It has exactly

855 views • 26 slides
EU -Russia/Ukraine: from Ring of Friends to Ring of Fire? The European Union:

EU -Russia/Ukraine: from Ring of Friends to Ring of Fire? The European Union:

EU -Russia/Ukraine: from Ring of Friends to Ring of Fire? The European Union: challenges and strategic responses Colloquium 27 October 2015 Dr. Graeme P. Herd , Professor of Transnational Security Studies, George C. Marshall

344 views • 9 slides
From ring epimorphisms to universal localisations joint with Jorge Vitoria I. Ring epimorphisms

From ring epimorphisms to universal localisations joint with Jorge Vitoria I. Ring epimorphisms

From ring epimorphisms to universal localisations joint with Jorge Vitoria I. Ring epimorphisms II. Universal localisations III. Recollements Throughout, A will denote a ring (with unit) and K a field. I. Ring epimorphisms Ring epimorphisms

418 views • 5 slides
Magnet neto-pl plasmonic asmonic Au/ u/Tb Tb 18 18 Co Co 82 82 nano nano-ring ring res

Magnet neto-pl plasmonic asmonic Au/ u/Tb Tb 18 18 Co Co 82 82 nano nano-ring ring res

Magnet neto-pl plasmonic asmonic Au/ u/Tb Tb 18 18 Co Co 82 82 nano nano-ring ring res esona onator tors s Initial patterning and update by Agn iuiulkait Uppsala University Motivation Fabricate magneto-plasmonic

321 views • 28 slides
Sicherheitsunterweisung fr Operateure fr den AEB Ring-HF im BG1.016 Sicherheitsbelehrung AEB

Sicherheitsunterweisung fr Operateure fr den AEB Ring-HF im BG1.016 Sicherheitsbelehrung AEB

Sicherheitsunterweisung fr Operateure fr den AEB Ring-HF im BG1.016 Sicherheitsbelehrung AEB Ring-HF 1 Elektrische Anlagen im AEB Ring HF BG1016 Sicherheitsbelehrung AEB Ring-HF 2 Elektr. Anlagen im BG1016 Netzgerte fr

290 views • 17 slides
thickened, specialized segments. Secrete a mucus ring into which egg and sperm are released

thickened, specialized segments. Secrete a mucus ring into which egg and sperm are released

A clitellum is a band of thickened, specialized segments. Secrete a mucus ring into which egg and sperm are released After eggs are fertilized in the ring, the ring slips off the worm's body and forms a protective cocoon.

218 views • 7 slides
Pseudorandomness of Ring-LWE for Any Ring and Modulus Chris Peikert University of Michigan Oded

Pseudorandomness of Ring-LWE for Any Ring and Modulus Chris Peikert University of Michigan Oded

Pseudorandomness of Ring-LWE for Any Ring and Modulus Chris Peikert University of Michigan Oded Regev Noah Stephens-Davidowitz (to appear, STOC17) 10 March 2017 1 / 14 Lattice-Based Cryptography p d o m x g = y N = = p m

1.08k views • 82 slides
SPRING Fast Pseudorandom Functions from Rounded Ring Products G. Leurent () . . . . . . . . . .

SPRING Fast Pseudorandom Functions from Rounded Ring Products G. Leurent () . . . . . . . . . .

1 / 16 SPRING FSE 2014 Tweaks SPRING Implementation SPRING Fast Pseudorandom Functions from Rounded Ring Products G. Leurent () . . . . . . . . . . . . . . . Abhishek Banerjee 1 Hai Brenner 2 Gatan Leurent 3 Chris Peikert 1 Alon Rosen 2

568 views • 29 slides
6.975 Week 5 Universal Compression Via Grammar Based Codes Presenter: Emin Martinian Grammar

6.975 Week 5 Universal Compression Via Grammar Based Codes Presenter: Emin Martinian Grammar

6.975 Week 5 Universal Compression Via Grammar Based Codes Presenter: Emin Martinian Grammar Based Compression Initial data may contain complex relationships. Transform data to a basis with independent components. Use simple,

411 views • 21 slides
The Minisatellite Transformation Problem: The Run-Length-Encoding Approach and Further

The Minisatellite Transformation Problem: The Run-Length-Encoding Approach and Further

The Minisatellite Transformation Problem: The Run-Length-Encoding Approach and Further Enhancements Behshad Behzadi & Jean-Marc Steyaert, Ecole Polytechnique Mohamed Abouelhoda, Cairo University Robert Giegerich, Bielefeld University

640 views • 26 slides
Lecture 6 Polar Coding I-Hsiang Wang Department of Electrical Engineering National Taiwan

Lecture 6 Polar Coding I-Hsiang Wang Department of Electrical Engineering National Taiwan

Lecture 6 Polar Coding I-Hsiang Wang Department of Electrical Engineering National Taiwan University ihwang@ntu.edu.tw December 5, 2016 1 / 63 I-Hsiang Wang IT Lecture 6 In Pursuit of Shannon's Limit Since 1948, Shannon's theory has drawn

963 views • 63 slides
Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Methods

Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Methods

Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Methods Keng-Shih Lu and Antonio Ortega October 22, 2019 Mode-dependent Rate-distortion Optimized Transforms Using Graph Signal Processing Metho K. Lu and A.

575 views • 35 slides
Transformation Equivariance vs. Invariance: Unsupervised Learning of Visual Representations

Transformation Equivariance vs. Invariance: Unsupervised Learning of Visual Representations

Transformation Equivariance vs. Invariance: Unsupervised Learning of Visual Representations Guo-Jun Qi guojunq@gmail.com Laboratory for MA chine P erception and LE arning ( MAPLE ) & Futurewei Technologies (Huawei Research USA) Laboratory

1.24k views • 58 slides
Deductive Program Verification with Why3 Jean-Christophe Filli atre CNRS Digicosme Spring

Deductive Program Verification with Why3 Jean-Christophe Filli atre CNRS Digicosme Spring

Deductive Program Verification with Why3 Jean-Christophe Filli atre CNRS Digicosme Spring School April 22, 2013 http://why3.lri.fr/digicosme-spring-school-2013/ 1 / 101 definition program verification + proof conditions specification

1.18k views • 101 slides
Encoding natural numbers datatype nat = Z | S of nat val zero = Z val one = S Z val two = S

Encoding natural numbers datatype nat = Z | S of nat val zero = Z val one = S Z val two = S

Encoding natural numbers datatype nat = Z | S of nat val zero = Z val one = S Z val two = S (S Z) val three = S (S (S Z)) Define fold s.t. fold f x replaces S 7! f and Z 7! x fun fold f x Z = x | fold f x (S n) = f (fold f x n) Example:

262 views • 9 slides
Enc Encoding ding, F , Fas ast and Slo t and Slow: w: Low-Latency Video Processing Using

Enc Encoding ding, F , Fas ast and Slo t and Slow: w: Low-Latency Video Processing Using

Enc Encoding ding, F , Fas ast and Slo t and Slow: w: Low-Latency Video Processing Using Thousands of Tiny Threads Presenter: Wen-Fu Lee Outline Vision & Goals mu: Supercomputing as a Service Fine-grained Parallel Video

649 views • 50 slides

More recommend