shorter linear straight line programs for mds matrices
play

Shorter Linear Straight-Line Programs for MDS Matrices Yet another - PowerPoint PPT Presentation

Mar 01, 2024 •255 likes •950 views

Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Shorter Linear Straight-Line Programs for MDS Matrices Yet another XOR Count Paper Thorsten Kranz 1 , Gregor Leander 1 , Ko Stoffelen 2 , Friedrich Wiemer 1 1

  1. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Shorter Linear Straight-Line Programs for MDS Matrices Yet another XOR Count Paper Thorsten Kranz 1 , Gregor Leander 1 , Ko Stoffelen 2 , Friedrich Wiemer 1 1 Horst Görtz Institute for IT Security, Ruhr-Universität Bochum, Germany 2 Digital Security Group, Radboud University, Nijmegen, The Netherlands

  2. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Lightweight Cryptography Cryptographic systems might have to fulfill special constraints.

  3. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Lightweight Cryptography Cryptographic systems might have to fulfill special constraints. Typical Goal Minimize the chip-area.

  4. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Linear Layers Matrix multiplication(s). Often MDS matrices.       x 0 y 0 02 03 01 01 x 1 y 1 01 02 03 01        = x i , y i ∈ F 2 8        , x 2 y 2 01 01 02 03     03 01 01 02 x 3 y 3

  5. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Goal: Small round-based implementation       x 0 y 0 02 03 01 01 x 1 y 1 01 02 03 01        = x i , y i ∈ F 2 8        , x 2 y 2 01 01 02 03     x 3 y 3 03 01 01 02

  6. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Goal: Small round-based implementation       x 0 y 0 02 03 01 01 x 1 y 1 01 02 03 01        = x i , y i ∈ F 2 8        , x 2 y 2 01 01 02 03     x 3 y 3 03 01 01 02 . Combinational . . . . . Logic

  7. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Metric: XOR count Implement matrix multiplication only with XOR operations. Use as few XORs as possible. Idea: Low XOR count = Low chip-area Note: No intermediate result needs to be recomputed.

  8. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Outline Previous Work 1 Shorter Linear Straight-Line Programs 2 Results 3

  9. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Outline Previous Work 1 Shorter Linear Straight-Line Programs 2 Results 3

  10. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work FSE 2018: Jean, Peyrin, Sim, Tourteaux Optimizing Implementations of Lightweight Building Blocks FSE 2017: C. Li and Q. Wang Design of Lightweight Linear Diffusion Layers from Near-MDS Matrices FSE 2017: Sarkar and Syed Lightweight Diffusion Layer: Importance of Toeplitz Matrices CRYPTO 2016: Beierle, Kranz, Leander Lightweight Multiplication in GF ( 2 n ) with Applications to MDS Matrices FSE 2016: Liu and Sim Lightweight MDS Generalized Circulant Matrices FSE 2016: Y. Li and M. Wang On the Construction of Lightweight Circulant Involutory MDS Matrices FSE 2015: Sim, Khoo, Oggier, Peyrin Lightweight MDS Involution Matrices

  11. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices.

  12. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy

  13. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy , Vandermonde

  14. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy , Vandermonde , Circulant

  15. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy , Vandermonde , Circulant , Hadamard

  16. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy , Vandermonde , Circulant , Hadamard , Hadamard-Cauchy

  17. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy , Vandermonde , Circulant , Hadamard , Hadamard-Cauchy , Toeplitz

  18. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy , Vandermonde , Circulant , Hadamard , Hadamard-Cauchy , Toeplitz , Arbitrary

  19. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Previous Work Searching many matrices. Cauchy , Vandermonde , Circulant , Hadamard , Hadamard-Cauchy , Toeplitz , Arbitrary Optimizing element multiplication.

  20. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Counting XORs: Overhead and Fixed Cost The XOR count is typically split into overhead and fixed cost. Matrix Multiplication       x 1 y 1 α 1 , 1 α 1 , 2 . . . α 1 , n x 2 y 2       α 2 , 1        = α i , j , x i , y i ∈ F 2 k . . . ...  ,  .   .   .  . . .     x n y n α n , 1 α n , n � XOR ( α i , j ) + n · ( n − 1 ) · k � �� � i , j Fixed Cost � �� � Overhead

  21. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Counting XORs: Overhead and Fixed Cost The XOR count is typically split into overhead and fixed cost. Matrix Multiplication       x 1 y 1 α 1 , 1 α 1 , 2 . . . α 1 , n x 2 y 2       α 2 , 1        = α i , j , x i , y i ∈ F 2 k . . . ...  ,  .   .   .  . . .     x n y n α n , 1 α n , n � XOR ( α i , j ) + n · ( n − 1 ) · k � �� � i , j Fixed Cost � �� � Overhead

  22. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Counting XORs: Overhead and Fixed Cost The XOR count is typically split into overhead and fixed cost. Matrix Multiplication       x 1 y 1 α 1 , 1 α 1 , 2 . . . α 1 , n x 2 y 2       α 2 , 1        = α i , j , x i , y i ∈ F 2 k . . . ...  ,  .   .   .  . . .     x n y n α n , 1 α n , n � XOR ( α i , j ) + n · ( n − 1 ) · k � �� � i , j Fixed Cost � �� � Overhead

  23. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Counting XORs: Overhead and Fixed Cost The XOR count is typically split into overhead and fixed cost. Matrix Multiplication       x 1 y 1 α 1 , 1 α 1 , 2 . . . α 1 , n x 2 y 2       α 2 , 1        = α i , j , x i , y i ∈ F 2 k . . . ...  ,  .   .   .  . . .     x n y n α n , 1 α n , n � XOR ( α i , j ) + n · ( n − 1 ) · k � �� � i , j Fixed Cost � �� � Overhead

  24. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Counting XORs: Overhead and Fixed Cost The XOR count is typically split into overhead and fixed cost. Matrix Multiplication       x 1 y 1 α 1 , 1 α 1 , 2 . . . α 1 , n x 2 y 2       α 2 , 1        = α i , j , x i , y i ∈ F 2 k . . . ...  ,  .   .   .  . . .     x n y n α n , 1 α n , n � XOR ( α i , j ) + n · ( n − 1 ) · k � �� � i , j Fixed Cost � �� � Overhead

  25. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Counting XORs: Overhead and Fixed Cost The XOR count is typically split into overhead and fixed cost. Matrix Multiplication       x 1 y 1 α 1 , 1 α 1 , 2 . . . α 1 , n x 2 y 2       α 2 , 1        = α i , j , x i , y i ∈ F 2 k . . . ...  ,  .   .   .  . . .     x n y n α n , 1 α n , n � XOR ( α i , j ) + n · ( n − 1 ) · k � �� � i , j Fixed Cost � �� � Overhead

  26. Motivation Previous Work Shorter Linear Straight-Line Programs Results Conclusion Counting XORs: Overhead and Fixed Cost The XOR count is typically split into overhead and fixed cost. Matrix Multiplication       x 1 y 1 α 1 , 1 α 1 , 2 . . . α 1 , n x 2 y 2       α 2 , 1        = α i , j , x i , y i ∈ F 2 k . . . ...  ,  .   .   .  . . .     x n y n α n , 1 α n , n � XOR ( α i , j ) + n · ( n − 1 ) · k � �� � i , j Fixed Cost � �� � Overhead

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

JUST THE MATHS SLIDES NUMBER 5.3 GEOMETRY 3 (Straight line laws) by A.J.Hobson 5.3.1

JUST THE MATHS SLIDES NUMBER 5.3 GEOMETRY 3 (Straight line laws) by A.J.Hobson 5.3.1

JUST THE MATHS SLIDES NUMBER 5.3 GEOMETRY 3 (Straight line laws) by A.J.Hobson 5.3.1 Introduction 5.3.2 Laws reducible to linear form 5.3.3 The use of logarithmic graph paper UNIT 5.3 GEOMETRY 3 STRAIGHT LINE LAWS 5.3.1

300 views • 10 slides
Straight-line programs for equations with constraints over free products Volker Diekert 1

Straight-line programs for equations with constraints over free products Volker Diekert 1

Straight-line programs for equations with constraints over free products Volker Diekert 1 Universit at Stuttgart GAGTA 7, New York City May 31st, 2013 1 Joint work with Olga Kharlampovich and Atefeh Mohajeri The talk is about equations and

202 views • 17 slides
Matrices Basic Linear Algebra Overview Lecture will cover why matrices and linear algebra

Matrices Basic Linear Algebra Overview Lecture will cover why matrices and linear algebra

Matrices Basic Linear Algebra Overview Lecture will cover why matrices and linear algebra are so important basic terminology Gauss-Jordan elimination LU factorisation error estimation libraries Basic Linear Algebra 2

564 views • 27 slides
Transformations and Matrices Transformations I Transformations are functions Matrices

Transformations and Matrices Transformations I Transformations are functions Matrices

Transformations and Matrices Transformations I Transformations are functions Matrices are functions representations Matrices represent linear transfs CS5600 Computer Graphics Lecture Set 5 by 2 x 2 Matrices == 2D Linear

269 views • 9 slides
15-388/688 - Practical Data Science: Matrices, vectors, and linear algebra J. Zico Kolter

15-388/688 - Practical Data Science: Matrices, vectors, and linear algebra J. Zico Kolter

15-388/688 - Practical Data Science: Matrices, vectors, and linear algebra J. Zico Kolter Carnegie Mellon University Fall 2019 1 Outline Matrices and vectors Basics of linear algebra Libraries for matrices and vectors Sparse matrices 2

356 views • 31 slides
Straight lines Instructions You have to write Do these slides on Exercise 7.1 your

Straight lines Instructions You have to write Do these slides on Exercise 7.1 your

7. Parallel Straight lines Instructions You have to write Do these slides on Exercise 7.1 your mathematics Exercise 7.2 writing book Stra Straigh ight t lin line se e segm gment ent T he two end points of the straight line segment

536 views • 22 slides
Linear Algebra II: linear combinations & matrices Math Tools for Neuroscience (NEU 314)

Linear Algebra II: linear combinations & matrices Math Tools for Neuroscience (NEU 314)

Linear Algebra II: linear combinations & matrices Math Tools for Neuroscience (NEU 314) Fall 2016 Jonathan Pillow Princeton Neuroscience Institute & Psychology. Lecture 3 (Thursday 9/22) accompanying notes/slides Linear

255 views • 10 slides
Theoretical and Practical Results on Straight Skeletons of Planar Straight-Line Graphs Stefan

Theoretical and Practical Results on Straight Skeletons of Planar Straight-Line Graphs Stefan

Theoretical and Practical Results on Straight Skeletons of Planar Straight-Line Graphs Stefan Huber Martin Held University of Salzburg Computer Science Department Salzburg, Austria Stefan Huber, Martin Held: Straight Skeletons of PSLGs 1 /

670 views • 29 slides
Computing Straight Skeletons of Planar Straight-Line Graphs Based on Motorcycle Graphs CCCG2010,

Computing Straight Skeletons of Planar Straight-Line Graphs Based on Motorcycle Graphs CCCG2010,

Computing Straight Skeletons of Planar Straight-Line Graphs Based on Motorcycle Graphs CCCG2010, Winnipeg, Canada Stefan Huber Martin Held Universit at Salzburg, Austria August 11, 2010 Stefan Huber, Martin Held Straight Skeletons of a

494 views • 28 slides
SSA form SSA form Michel Schinz SSA form Straight-line code Transforming a piece of

SSA form SSA form Michel Schinz SSA form Straight-line code Transforming a piece of

SSA form SSA form Michel Schinz SSA form Straight-line code Transforming a piece of straight-line code i.e. without branches to SSA is trivial: each definition of a given name gives rise to a new version of that name, identified by a

669 views • 7 slides
JUST THE MATHS SLIDES NUMBER 8.5 VECTORS 5 (Vector equations of straight lines) by

JUST THE MATHS SLIDES NUMBER 8.5 VECTORS 5 (Vector equations of straight lines) by

JUST THE MATHS SLIDES NUMBER 8.5 VECTORS 5 (Vector equations of straight lines) by A.J.Hobson 8.5.1 Introduction 8.5.2 The straight line passing through a given point and parallel to a given vector 8.5.3 The straight line passing

510 views • 18 slides
Graphics 2014 Linear Algebra II Linear Maps & Matrices Linear Maps & Matrices CORE

Graphics 2014 Linear Algebra II Linear Maps & Matrices Linear Maps & Matrices CORE

Graphics 2014 Linear Algebra II Linear Maps & Matrices Linear Maps & Matrices CORE core topics important Linear Combinations x 1 2x 2 + x 1 = x 2 =1 Linear Combinations Algebra Linear Combinations

1.58k views • 117 slides
Matrices with Application to Page Rank Markov Matrices Pagerank Anil Maheshwari

Matrices with Application to Page Rank Markov Matrices Pagerank Anil Maheshwari

Linear Algebra Review Introduction Matrices Matrices with Application to Page Rank Markov Matrices Pagerank Anil Maheshwari anil@scs.carleton.ca School of Computer Science Carleton University Canada Matrices Linear Algebra Review

744 views • 52 slides
Elementary Matrices, Matrix Inverse, Determinants, More on Linear Systems Marco Chiarandini

Elementary Matrices, Matrix Inverse, Determinants, More on Linear Systems Marco Chiarandini

DM559 Linear and Integer Programming Lecture 4 Elementary Matrices, Matrix Inverse, Determinants, More on Linear Systems Marco Chiarandini Department of Mathematics & Computer Science University of Southern Denmark Elementary Matrices

540 views • 41 slides
1 Depreciation Straight Line Method Cost of Bowing Machine 78,124 Estimated Residual Value

1 Depreciation Straight Line Method Cost of Bowing Machine 78,124 Estimated Residual Value

LGB524 Project and Financial Management Image by Les_Stockton Aims and Objectives In this lecture you will: Understand the two methods of Depreciation - Straight line method and the Reducing Balance method. Analyse the methods of

421 views • 11 slides
Binary Logistic Regression In ordinary linear regression with continuous variables, we fit a

Binary Logistic Regression In ordinary linear regression with continuous variables, we fit a

Binary Logistic Regression In ordinary linear regression with continuous variables, we fit a straight line to a scatterplot of the X and Y data. The regression line is = + (1) i y x 1 0 i It is important to remember that, when

246 views • 22 slides
Preconditioning for Nonsymmetry and Time-dependence Andy Wathen Oxford University, UK joint

Preconditioning for Nonsymmetry and Time-dependence Andy Wathen Oxford University, UK joint

Preconditioning for Nonsymmetry and Time-dependence Andy Wathen Oxford University, UK joint work with Jen Pestana and Elle McDonald Jeju, Korea, 2015 p.1/24 Iterative methods For self-adjoint problems/symmetric matrices, iterative

672 views • 25 slides
QCrypt: Implemenng a Next-Generaon Quantum Key Disllaon Engine in Pracce P. Junod

QCrypt: Implemenng a Next-Generaon Quantum Key Disllaon Engine in Pracce P. Junod

Context Classical Channel Overall Security . . . . . . . . . . . . . . . . . . . . . QCrypt: Implemenng a Next-Generaon Quantum Key Disllaon Engine in Pracce P. Junod (HEIG-VD) Joint work with A. Burg, J. Constann

666 views • 29 slides
Optimizing R VM: Interpreter-level Specialization and Vectorization Haichuan Wang 1 , Peng Wu 2 ,

Optimizing R VM: Interpreter-level Specialization and Vectorization Haichuan Wang 1 , Peng Wu 2 ,

DSC2014 Optimizing R VM: Interpreter-level Specialization and Vectorization Haichuan Wang 1 , Peng Wu 2 , David Padua 1 1 University of Illinois at Urbana-Champaign 2 Huawei America Lab Optimizing R VM: Interpreter-level Specialization and

605 views • 22 slides
in the Finite Memory Length Regime Joint work of Yu-Chih Huang , National Chiao Tung University,

in the Finite Memory Length Regime Joint work of Yu-Chih Huang , National Chiao Tung University,

2020 IEEE International Symposium on Information Theory Error Rate Analysis for Random Linear Streaming Codes in the Finite Memory Length Regime Joint work of Yu-Chih Huang , National Chiao Tung University, Shih-Chun Lin , National Taiwan

520 views • 34 slides
Lapin (an efficient authentication protocol based on Ring-LPN) Stefan Heyse, Eike Kiltz, Vadim

Lapin (an efficient authentication protocol based on Ring-LPN) Stefan Heyse, Eike Kiltz, Vadim

Lapin (an efficient authentication protocol based on Ring-LPN) Stefan Heyse, Eike Kiltz, Vadim Lyubashevsky, Christof Paar, Krzysztof Pietrzak Authentication Protocols Prover Verifier HB-style authentication shared AES key K protocols

563 views • 22 slides
Module 2 2.1 Transportation Planning Process The transportation planning process has a lot of

Module 2 2.1 Transportation Planning Process The transportation planning process has a lot of

CE -751, SLD, Class Notes, Fall 2006, IIT Bombay Module 2 2.1 Transportation Planning Process The transportation planning process has a lot of similarity to the problem solving process. The following table gives the major differences between the

503 views • 8 slides
Tracing While Loops 7 January 2019 OSU CSE 1 Consider... int i = 4, j = 1, n = 0; while (i >

Tracing While Loops 7 January 2019 OSU CSE 1 Consider... int i = 4, j = 1, n = 0; while (i >

Tracing While Loops 7 January 2019 OSU CSE 1 Consider... int i = 4, j = 1, n = 0; while (i > j) { if (n % 2 == 0) { i--; } else { j++; } n++; } 7 January 2019 OSU CSE 2 Trace It int i = 4, j = 1, n = 0; i = 4 j = 1 n = 0 while

367 views • 20 slides
Tracing and Profiling MySQL Mostly with Linux tools: from strace and gdb to ftrace, bpftrace,

Tracing and Profiling MySQL Mostly with Linux tools: from strace and gdb to ftrace, bpftrace,

Tracing and Profiling MySQL Mostly with Linux tools: from strace and gdb to ftrace, bpftrace, perf and dynamic probes Valerii Kravchuk, Principal Support Engineer, MariaDB vkravchuk@gmail.com 1 Who am I? Valerii (aka Valeriy ) Kravchuk :

549 views • 27 slides

More recommend