Results 1 - 10 of 159
Invariant measures for higher-rank hyperbolic abelian actions
2002
Cited by 74 (26 self)
We investigate invariant ergodic measures for certain partially hyperbolic and Anosov actions of $\mathbb{R}^k$, $\mathbb{Z}^k$ and $\mathbb{Z}^k_+$. We show that they are either Haar measures or that every element of the action has zero metric entropy.
Feedback shift registers, 2-adic span, and combiners with memory
Journal of Cryptology, 1997
Cited by 50 (7 self)
Feedback shift registers with carry operation (FCSR’s) are described, implemented, and analyzed with respect to memory requirements, initial loading, period, and distributional properties of their output sequences. Many parallels with the theory of linear feedback shift registers (LFSR’s) are presented, including a synthesis algorithm (analogous to the Berlekamp-Massey algorithm for LFSR’s) which, for any pseudorandom sequence, constructs the smallest FCSR which will generate the sequence. These techniques are used to attack the summation cipher. This analysis gives a unified approach to the study of pseudorandom sequences, arithmetic codes, combiners with memory, and the Marsaglia-Zaman random number generator. Possible variations on the FCSR architecture are indicated at the end. Index Terms – Binary sequence, shift register, stream cipher, combiner with memory, cryptanalysis, 2-adic numbers, arithmetic code, 1/q sequence, linear span.
On circuits and numbers
IEEE Transactions on Computers, 1994
Cited by 23 (1 self)
This work may not be copied or reproduced in whole or in part for any commercial purpose. Permission to copy in whole or in part without payment of fee is granted for nonprofit educational and research purposes provided that all such whole or partial copies include the following: a notice that such copying is by permission of the Paris Research Laboratory of Digital Equipment Centre Technique Europe, in Rueil-Malmaison, France; an acknowledgement of the authors and individual contributors to the work; and all applicable portions of the copyright notice. Copying, reproducing, or republishing for any other purpose shall require a license with payment of fee to the Paris Research Laboratory. All rights reserved. We establish the following correspondences between the ring of 2-adic integers ${}_2\mathbb{Z}$ from arithmetics and digital circuits (finite and infinite, combinational and synchronous) from electronics (Theorems 1 and 2): 1. A function is computed by a combinational circuit if and only if it is continuous over the 2-adic integers ${}_2\mathbb{Z}$: $\forall n \in \mathbb{N}, x \in {}_2\mathbb{Z}, \exists m \in \mathbb{N}: f(x) = f(x \bmod 2^m) \pmod{2^n}$.
Arithmetic Crosscorrelations of FCSR Sequences
IEEE Trans. Info. Theory, 1999
Cited by 19 (12 self)
An arithmetic version of the crosscorrelation of two sequences is defined, generalizing Mandelbaum's arithmetic autocorrelations. Large families of sequences are constructed with ideal (vanishing) arithmetic crosscorrelations. These sequences are decimations of the 2-adic expansions of rational numbers p/q such that 2 is a primitive root modulo q.
Uniformly distributed sequences of p-adic integers
Math. Appl, 2002
Cited by 19 (6 self)
The paper describes ergodic (with respect to the Haar measure) functions in the class of all functions that are defined on (and take values in) the ring $\mathbb{Z}_p$ of p-adic integers, and satisfy (at least, locally) the Lipschitz condition with coefficient 1. Equiprobable (in particular, measure-preserving) functions of this class are described also. In some cases (and especially for p = 2) the descriptions are given by explicit formulae. Some of the results may be viewed as descriptions of ergodic isometric dynamical systems on the p-adic unit disk. The study is motivated by the problem of pseudorandom number generation for computer simulation and cryptography. From this view the paper describes nonlinear congruential pseudorandom generators modulo m that produce strictly periodic uniformly distributed sequences modulo m of a maximum possible period length (i.e., exactly m). Both state update functions and output functions of these generators could be, e.g., meromorphic on $\mathbb{Z}_p$ functions (in particular, polynomials with rational, but not necessarily integer coefficients), or compositions of arithmetical operations (like addition, multiplication, exponentiation, raising to integer powers, including negative ones) with standard
Algebraic specification and coalgebraic synthesis of Mealy machines
In: Proceedings of FACS 2005. ENTCS, 2006
Cited by 19 (7 self)
We introduce the notion of functional stream derivative, generalising the notion of input derivative of rational expressions (Brzozowski 1964) to the case of stream functions over arbitrary input and output alphabets. We show how to construct Mealy automata from algebraically specified stream functions by the symbolic computation of functional stream derivatives. We illustrate this construction in full detail for various bitstream functions specified in the algebraic calculus of the 2-adic numbers. This work is part of a larger ongoing effort to specify and model component connector circuits in terms of (functions and relations on) streams.
The 2-adic CM method for genus 2 curves with application to cryptography
in ASIACRYPT ‘06, Springer LNCS 4284, 2006
Cited by 18 (1 self)
The complex multiplication (CM) method for genus 2 is currently the most efficient way of generating genus 2 hyperelliptic curves defined over large prime fields and suitable for cryptography. Since low class number might be seen as a potential threat, it is of interest to push the method as far as possible. We have thus designed a new algorithm for the construction of CM invariants of genus 2 curves, using 2-adic lifting of an input curve over a small finite field. This provides a numerically stable alternative to the complex analytic method in the first phase of the CM method for genus 2. As an example we compute an irreducible factor of the Igusa class polynomial system for the quartic CM field $\mathbb{Q}(i\sqrt{75 + 12\sqrt{17}})$, whose class number is 50. We also introduce a new representation to describe the CM curves: a set of polynomials in $(j_1, j_2, j_3)$ which vanish on the precise set of triples which are the Igusa invariants of curves whose Jacobians have CM by a prescribed field. The new representation provides a speedup in the second phase, which uses Mestre’s algorithm to construct a genus 2 Jacobian of prime order over a large prime field for use in cryptography.
Modular and p-adic cyclic codes
Designs, Codes and Cryptography 6, 1995
Cited by 17 (2 self)
This paper presents some basic theorems giving the structure of cyclic codes of length n over the ring of integers modulo $p^a$ and over the p-adic numbers, where p is a prime not dividing n. An especially interesting example is the 2-adic cyclic code of length 7 with generator polynomial $X^3 + \lambda X^2 + (\lambda - 1)X - 1$, where $\lambda$ satisfies $\lambda^2 - \lambda + 2 = 0$. This is the 2-adic generalization of both the binary Hamming code and the quaternary octacode (the latter being equivalent to the Nordstrom-Robinson code). Other examples include the 2-adic Golay code of length 24 and the 3-adic Golay code of length 12.
An Extension of Kedlaya’s Point-counting Algorithm to Superelliptic Curves
Advances in cryptology—ASIACRYPT 2001 (Gold Coast), 480–494, Lecture Notes in Comput. Sci., 2248, 2001
Cited by 15 (1 self)
We present an algorithm for counting points on superelliptic curves $y^r = f(x)$ over a finite field $\mathbb{F}_q$ of small characteristic different from r. This is an extension of an algorithm for hyperelliptic curves due to Kedlaya. In this extension, the complexity, assuming r and the genus are fixed, is $O(\log^{3+\varepsilon} q)$ in time and space, just like for hyperelliptic curves. We give some numerical examples obtained with our first implementation, thus proving that cryptographic sizes are now reachable.