PRNGlib provides several pseudo-random number generators through a common interface on any Shared or Distributed Memory Parallel architecture. Common routines are specified to initialize the generators with appropriate seeds on each processor and to generate uniform or (normal, Poisson, exponential) distributed random vectors. We concentrate on those generators which assure high quality (i.e., passing most of the empirical and theoretical tests), have a long period, and can be calculated quickly, also in parallel, i.e., it must be possible to generate the same random sequence independent of the number of processors. This splitting facility implies a method to skip over n pseudo-random numbers without calculating all intermediate values, i.e., an O(log n) algorithm is required. Taking into account these criteria Lagged Fibonacci, Generalized Shift Register, and Multiplicative Linear Congruential generators are implemented with (almost) arbitrary specifications for lags, multipliers, m...

The paper presents a survey of most common hardware architectures for finite field arithmetic especially suitable for cryptographic applications. We discuss architectures for three types of finite fields and their special versions popularly used in cryptography: binary fields, prime fields and extension fields. We summarize algorithms and hardware architectures for finite field multiplication, squaring, addition/subtraction, and inversion for each of these fields. Since implementations in hardware can either focus on high-speed or on area-time efficiency, a careful choice of the appropriate set of architectures has to be made depending on the performance requirements and available area.

this report we shall present the fundamentals of random number generation on parallel processors. We shall exhibit how the practical task of carrying out stochastic simulation on a parallel machine leads deeply into number theory and algebra. We shall see that some classical algorithms which have proved to be excellent for single-processor machines, are either useless or require greatest care in the case of parallel processors. Stochastic simulation is one of the important tasks for single- as well as multiprocessor machines. Computer simulations of real-life processes based on stochastic models have become one of the most interesting -- and demanding -- applications of mathematics. Due to the computational complexity of the problems, parallelization of the underlying algorithms is receiving increasing attention. As a basic condition to any research, we should be able to reproduce and to verify a scientific experiment. These two requirements and, further, considerations of storage and computational effectiveness rule out physical sources for random numbers, such as radioactive decay or electronic noise. The efficient generation of random numbers of high statistical quality is an absolute necessity for stochastic simulation. In his well-known monograph, Ripley [19, p.2] writes: "The first thing needed for a stochastic simulation is a source of randomness. This is often taken for granted but is of fundamental importance. Regrettably many of the so-called random functions supplied with the most widespread computers are far from random, and many simulation studies have been invalidated as a consequence." D5H-1/Rel 1.0/April 27, 1994 Random number generators for parallel processors PACT The following statement from Ripley[19, p.14] does not exaggerate the actual situation:...

A significant problem in commercial-size development projects is to ensure that the process of fixing one design problem does not introduce another. In the context of conventional testing this is checked through regression testing. If consecutive test suites check N properties, a failure in one may require retesting all the previous suites once a fix has been made. This results in O(N 2 ) tests in all, to assure that no fix in fact breaks a previously good test. (Usually, one does not dare to defer retesting to the very end-- thereby counting on nothing having been broken in the process-- but retests all previous properties after each significant fix.) When formal verification is used in place of conventional testing, the analog of regression testing can be done much more simply-- in some cases effectively in constant time. The key to achieving this simplification is to replace re-verification with a highly reliable "hash" check on the model parse tree, reduced relative to the verif...

We study the parity of the number of irreducible factors of trinomials over Galois fields of characteristic 2. As a consequence, some sufficient conditions for a trinomial being reducible are obtained. For example, x n + ax k + b 2 GF (2 t )[x] is reducible if both n, t are even, except possibly when n = 2k, k odd. The case t = 1 was treated by R.G. Swan [10], who showed that x n + x k + 1 is reducible over GF (2) if 8|n.

For those n < 5000, for which the factorization of 2 n − 1 is known, the first primitive trinomial (if such exists) and a randomly generated primitive 5 – and 7–nomial of degree n in GF(2) are given. A primitive polynomial of degree n over GF(2) is useful for generating a pseudo–random sequence of n–tuples of zeros and ones, see [8]. If the polynomial has a small number k of terms, then the sequence is easily computed. But for cryptological applications (correlation attack, see [5]) it is often necessary to have the primitive polynomials with k larger than one can find in the existing tables. For example, Zierler and Brillhart [10, 11] have calculated all irreducible trinomials of degree n ≤ 1000, with the period for some for which the factorization of 2 n −1 is known; Stahnke [7] has listed one example of a trinomial or pentanomial of degree n ≤ 168; Zierler [12] has listed all primitive trinomials whose degree is a Mersenne exponent ≤ 11213 = M23 (here Mj denotes the jth Mersenne exponent); Rodemich and Rumsey [6] have listed all primitive trinomials of degree Mj, 12 ≤ j ≤ 17; Kurita and Matsumoto [2] have listed all primitive trinomials of degree Mj, 24 ≤ j ≤ 28, and one example of primitive pentanomials of degree Mj, 8 ≤ j ≤ 27.

: 2 1 Introduction 2 2 Some measures of the quality of uniform distribution of sequences and parallel Weyl--sequences 3 3 Parallel Generation and Independence of Weyl Sequences 9 R5Z-4/Rel 1.0/Oktober 31 1994 Introduction PACT 0 Abstract: The paper ist part of the NEWTON project. New Technology of Numerics intends to be the amalgam of number theoretic multivariate numerics and the advanced technology of parallel computers. We propose in the present paper parallel Weyl generators for pseudo random sequences of points in the s--dimensional unit cube. The methods proposed are useful for multivariate numerical and simulation problems. 1 Introduction Many questions of contemporary numerical analysis such as multivariate integration, approximation and interpolation and simulation as well are connected with the theory of uniform distributed sequences. The most efficient methods of multivariate analysis and simulation (i. e. pseudo--random generators) are based on deep methods of number th...

s), p.146, 1985. [790] J.L. MASSEY AND X. LAI, "Device for converting a digital block and the use thereof", European Patent # 482,154, 29 Apr 1992. [791] , "Device for the conversion of a digital block and use of same", U.S. Patent # 5,214,703, 25 May 1993. [792] J.L. MASSEY AND J.K. OMURA, "Method and apparatus for maintaining the privacy of digital messages conveyed by public transmission ", U.S. Patent # 4,567,600, 28 Jan 1986. [793] J.L. MASSEY AND R.A. RUEPPEL, "Linear ciphers and random sequence generators with multiple clocks", Advances in Cryptology-- Proceedings of EUROCRYPT 84 (LNCS 209), 74--87, 1985. [794] J.L. MASSEY AND S. SERCONEK, "A Fourier transform approach to the linear complexity of nonlinearly filtered sequences", Advances in Cryptology--CRYPTO '94 (LNCS 839), 332--340, 1994. [795] M. MATSUI, "The first experimental cryptanalysis of the Data Encryption Standard", Advances in Cryptology--CRYPTO '94 (LNCS 839), 1--11, 1994. [796] , "Linear cryptanalysis metho...

This paper also appeared in [1219].

This paper also appeared in [1219].