Results 1 - 8 of 8
Efficient arithmetic on Koblitz curves
 Designs, Codes, and Cryptography
, 2000
Cited by 81 (0 self)
Abstract. It has become increasingly common to implement discrete-logarithm based public-key protocols on elliptic curves over finite fields. The basic operation is scalar multiplication: taking a given integer multiple of a given point on the curve. The cost of the protocols depends on that of the elliptic scalar multiplication operation. Koblitz introduced a family of curves which admit especially fast elliptic scalar multiplication. His algorithm was later modified by Meier and Staffelbach. We give an improved version of the algorithm which runs 50% faster than any previous version. It is based on a new kind of representation of an integer, analogous to certain kinds of binary expansions. We also outline further speedups using precomputation and storage.
An Infinite Class of Counterexamples to a Conjecture Concerning Non-Linear Resilient Functions
 Journal of Cryptology
, 1995
Cited by 25 (5 self)
The main construction for resilient functions uses linear error-correcting codes; a resilient function constructed in this way is said to be linear. It has been conjectured that if there exists a resilient function, then there exists a linear function with the same parameters. In this note, we construct infinite classes of nonlinear resilient functions from the Kerdock and Preparata codes. We also show that there do not exist linear resilient functions having the same parameters as the functions that we construct from the Kerdock codes. Thus, the aforementioned conjecture is disproved.
Modern coding theory: the statistical mechanics and computer science point of view
, 2007
Cited by 9 (0 self)
These are the notes for a set of lectures delivered by the two authors at the Les Houches Summer School on ‘Complex Systems’ in July 2006. They provide an introduction to the basic concepts in modern (probabilistic) coding theory, highlighting connections with statistical mechanics. We also stress common concepts with other disciplines dealing with similar problems that can be generically referred to as ‘large graphical models’. While most of the lectures are devoted to the classical channel coding problem over simple memoryless channels, we present a discussion of more complex channel models. We conclude with an overview of the main open challenges in the field.
Improved Algorithms for Arithmetic on Anomalous Binary Curves
 In Advances in Cryptography, Crypto '97
, 1997
Cited by 7 (0 self)
It has become increasingly common to implement discrete-logarithm based public-key protocols on elliptic curves over finite fields. The basic operation is scalar multiplication: taking a given integer multiple of a given point on the curve. The cost of the protocols depends on that of the elliptic scalar multiplication operation. Koblitz introduced a family of curves which admit especially fast elliptic scalar multiplication. His algorithm was later modified by Meier and Staffelbach. We give an improved version of the algorithm which runs 50% faster than any previous version. It is based on a new kind of representation of an integer, analogous to certain kinds of binary expansions. We also outline further speedups using precomputation and storage.
Keywords: elliptic curves, exponentiation, public-key cryptography.
1 Introduction
It has become increasingly common to implement discrete-logarithm based public-key protocols on elliptic curves over finite fields. More precisely, one work...
Optimal interleaving on tori
 IN PROC. IEEE INT. SYMP. INFORMATION THEORY (ISIT2004)
, 2004
Cited by 2 (0 self)
This paper studies t-interleaving on two-dimensional tori, which is defined by the property that every connected subgraph of order t in the torus is labelled by t distinct integers. This is the first time that the t-interleaving problem is solved for graphs of modular structures. t-interleaving on tori has applications in distributed data storage and burst error correction, and is closely related to Lee metric codes. We say that a torus can be perfectly t-interleaved if its t-interleaving number — the minimum number of distinct integers needed to t-interleave the torus — meets the sphere-packing lower bound. We prove the necessary and sufficient conditions for tori that can be perfectly t-interleaved, and present efficient perfect t-interleaving constructions. The most important contribution of this paper is to prove that when a torus is large enough in both dimensions, its t-interleaving number is at most one more than the sphere-packing lower bound, and to present an optimal and efficient t-interleaving scheme for such tori. Then we prove bounds for the t-interleaving numbers of the remaining cases, completing a general characterization of the t-interleaving problem on 2-dimensional tori.
to the Great Divide
, 2001
Euclid’s method for finding the greatest common divisor (GCD) of two integers was first described around the year 300 B.C. This simple iterative method is often regarded as the grandfather of all algorithms in Number Theory today. Many advances have been made since then—for example, Berlekamp’s algorithm for multiplicative inverse and Montgomery’s technique for modular multiplication. These binary add-and-shift algorithms for efficient finite field arithmetic operations have played important roles in today’s public-key cryptographic systems. Yet, two thousand three hundred years after Euclid’s GCD, one algorithm remained missing—division. For many decades we did not tackle modular division problems directly. Instead, we relied on the Extended Euclidean algorithm for calculating inversion and we computed division in a two-step process—inversion followed by multiplication. This practice is so deeply rooted in our teachings and doings today that we have neglected to ask whether the idea underlying the binary Extended Euclidean algorithm can also be applied to finding a general solution for field division. This paper describes such a solution: a binary add-and-shift algorithm for modular division in a residue class. This technique for fast computation of divisions in GF(2^m) is the key to a highly efficient implementation of elliptic curve cryptosystems.
unknown title
The literature of cryptography has a curious history. Secrecy, of course, has always played a central role, but until the First World War, important developments appeared in print in a more or less timely fashion and the field moved forward in much the same way as other specialized disciplines. As late as 1918, one of the most influential cryptanalytic papers of the twentieth century, William F. Friedman’s monograph The Index of Coincidence and Its Applications in Cryptography, appeared as a research report of the private Riverbank Laboratories [577]. And this, despite the fact that the work had been done as part of the war effort. In the same year Edward H. Hebern of Oakland, California filed the first patent for a rotor machine [710], the device destined to be a mainstay of military cryptography for nearly 50 years. After the First World War, however, things began to change. U.S. Army and Navy organizations, working entirely in secret, began to make fundamental advances in cryptography. During the thirties and forties a few basic papers did appear in the open literature and several treatises on the subject were published, but the latter were farther and farther behind the state of the art. By the end of the war the transition was complete. With one notable exception, the public literature had died. That exception was Claude Shannon’s paper “The Communication Theory of Secrecy Systems,” which