Efficient arithmetic on Koblitz curves
Designs, Codes, and Cryptography, 2000
Cited by 81 (0 self)
Abstract. It has become increasingly common to implement discrete-logarithm based public-key protocols on elliptic curves over finite fields. The basic operation is scalar multiplication: taking a given integer multiple of a given point on the curve. The cost of the protocols depends on that of the elliptic scalar multiplication operation. Koblitz introduced a family of curves which admit especially fast elliptic scalar multiplication. His algorithm was later modified by Meier and Staffelbach. We give an improved version of the algorithm which runs 50% faster than any previous version. It is based on a new kind of representation of an integer, analogous to certain kinds of binary expansions. We also outline further speedups using precomputation and storage.
An Infinite Class of Counterexamples to a Conjecture Concerning Non-Linear Resilient Functions
Journal of Cryptology, 1995
Cited by 26 (5 self)
The main construction for resilient functions uses linear error-correcting codes; a resilient function constructed in this way is said to be linear. It has been conjectured that if there exists a resilient function, then there exists a linear function with the same parameters. In this note, we construct infinite classes of non-linear resilient functions from the Kerdock and Preparata codes. We also show that there do not exist linear resilient functions having the same parameters as the functions that we construct from the Kerdock codes. Thus, the aforementioned conjecture is disproved.
Modern coding theory: the statistical mechanics and computer science point of view
2007
Cited by 9 (0 self)
These are the notes for a set of lectures delivered by the two authors at the Les Houches Summer School on ‘Complex Systems’ in July 2006. They provide an introduction to the basic concepts in modern (probabilistic) coding theory, highlighting connections with statistical mechanics. We also stress common concepts with other disciplines dealing with similar problems that can be generically referred to as ‘large graphical models’. While most of the lectures are devoted to the classical channel coding problem over simple memoryless channels, we present a discussion of more complex channel models. We conclude with an overview of the main open challenges in the field.
Improved Algorithms for Arithmetic on Anomalous Binary Curves
In Advances in Cryptography, Crypto '97, 1997
Cited by 8 (0 self)
It has become increasingly common to implement discrete-logarithm based public-key protocols on elliptic curves over finite fields. The basic operation is scalar multiplication: taking a given integer multiple of a given point on the curve. The cost of the protocols depends on that of the elliptic scalar multiplication operation. Koblitz introduced a family of curves which admit especially fast elliptic scalar multiplication. His algorithm was later modified by Meier and Staffelbach. We give an improved version of the algorithm which runs 50% faster than any previous version. It is based on a new kind of representation of an integer, analogous to certain kinds of binary expansions. We also outline further speedups using precomputation and storage. Keywords: elliptic curves, exponentiation, public-key cryptography. 1 Introduction. It has become increasingly common to implement discrete-logarithm based public-key protocols on elliptic curves over finite fields. More precisely, one work...
Optimal interleaving on tori
In Proc. IEEE Int. Symp. Information Theory (ISIT2004), 2004
Cited by 2 (0 self)
This paper studies t-interleaving on two-dimensional tori, which is defined by the property that every connected subgraph of order t in the torus is labelled by t distinct integers. This is the first time that the t-interleaving problem is solved for graphs of modular structures. t-interleaving on tori has applications in distributed data storage and burst error correction, and is closely related to Lee metric codes. We say that a torus can be perfectly t-interleaved if its t-interleaving number — the minimum number of distinct integers needed to t-interleave the torus — meets the sphere-packing lower bound. We prove the necessary and sufficient conditions for tori that can be perfectly t-interleaved, and present efficient perfect t-interleaving constructions. The most important contribution of this paper is to prove that when a torus is large enough in both dimensions, its t-interleaving number is at most one more than the sphere-packing lower bound, and to present an optimal and efficient t-interleaving scheme for such tori. Then we prove bounds for the t-interleaving numbers of the remaining cases, completing a general characterization of the t-interleaving problem on 2-dimensional tori.
Optimized Network Data Storage and Topology Control
2004
I am grateful to my advisor, Prof. Jehoshua (Shuki) Bruck, for his enormous help over the years. He has offered valuable advice on all aspects of research, and allowed me complete freedom in exploring new fields. I have received endless support from Shuki in everything. I am grateful to Prof. Robert J. McEliece, Prof. K. Mani Chandy and Prof. Steven Low. I have learned a lot from them, both inside and outside classes. Prof. McEliece and Prof. Low have been indulgent in letting me attend their group meetings, where I listened, talked, and made friends with their students. I am grateful to Dr. Mario Blaum, from whom I have received lots of help. One of my favorite papers was sparked by his influential work. I am grateful to Prof. Richard M. Wilson and Prof. Yaser S. Abu-Mostafa, for serving on my candidacy committee despite their very busy schedules, and for providing valuable feedback. I am grateful to Prof. Chris Umans and Prof. Leonard Schulman. Attending their theoretical computer science reading groups has been a most stimulating and
to the Great Divide
2001
Euclid’s method for finding the greatest common divisor (GCD) of two integers was first described around the year 300 B.C. This simple iterative method is often regarded as the grandfather of all algorithms in Number Theory today. Many advances have been made since then—for example, Berlekamp’s algorithm for multiplicative inverse and Montgomery’s technique for modular multiplication. These binary add-and-shift algorithms for efficient finite field arithmetic operations have played important roles in today’s public-key cryptographic systems. Yet, two thousand three hundred years after Euclid’s GCD, one algorithm remained missing—division. For many decades we did not tackle modular division problems directly. Instead, we relied on the Extended Euclidean algorithm for calculating inversion and we computed division in a two-step process—inversion followed by multiplication. This practice is so deeply rooted in our teachings and doings today that we have neglected to ask whether the idea underlying the binary Extended Euclidean algorithm can also be applied to finding a general solution for field division. This paper describes such a solution: a binary add-and-shift algorithm for modular division in a residue class. This technique for fast computation of divisions in GF(2^m) is the key to a highly efficient implementation of elliptic curve cryptosystems.