Discrete Logarithms in Finite Fields and Their Cryptographic Significance
1984
Given a primitive element g of a finite field GF(q), the discrete logarithm of a nonzero element u ∈ GF(q) is that integer k, 1 ≤ k ≤ q − 1, for which u = g^k. The well-known problem of computing discrete logarithms in finite fields has acquired additional importance in recent years due to its applicability in cryptography. Several cryptographic systems would become insecure if an efficient discrete logarithm algorithm were discovered. This paper surveys and analyzes known algorithms in this area, with special attention devoted to algorithms for the fields GF(2^n). It appears that in order to be safe from attacks using these algorithms, the value of n for which GF(2^n) is used in a cryptosystem has to be very large and carefully chosen. Due in large part to recent discoveries, discrete logarithms in fields GF(2^n) are much easier to compute than in fields GF(p) with p prime. Hence the fields GF(2^n) ought to be avoided in all cryptographic applications. On the other hand, ...
Dyad: A System for Using Physically Secure Coprocessors
Proceedings of the Joint Harvard-MIT Workshop on Technological Strategies for the Protection of Intellectual Property in the Network Multimedia Environment, 1991
The Dyad project at Carnegie Mellon University is using physically secure coprocessors to achieve new protocols and systems addressing a number of perplexing security problems. These coprocessors can be produced as boards or integrated circuit chips and can be directly inserted in standard workstations or PC-style computers. This paper presents a set of security problems and easily implementable solutions that exploit the power of physically secure coprocessors: (1) protecting the integrity of publicly accessible workstations, (2) tamper-proof accounting/audit trails, (3) copy protection, and (4) electronic currency without centralized servers. We outline the architectural requirements for the use of secure coprocessors. 1 Introduction and Motivation The Dyad project at Carnegie Mellon University is using physically secure coprocessors to achieve new protocols and systems addressing a number of perplexing security problems. These coprocessors can be produced as boards or integrated ...
A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes
1986
An Application of a Fast Data Encryption Standard Implementation
Computing Systems, 1988
The Data Encryption Standard is used as the basis for the UNIX password encryption scheme. Some of the security of that scheme depends on the speed of the implementation. This paper presents a mathematical formulation of a fast implementation of the DES in software, discusses how the mathematics can be translated into code, and then analyzes the UNIX password scheme to show how these results can be used to implement it. Experimental results are provided for several computers to show that the given method speeds up the computation of a password by roughly 20 times (depending on the specific computer).
Learning Nonlinear Models of Shape and Motion
1999
Deformable models have been an active area of research in computer vision for a number of years. Their ability to model non-rigid objects through the combination of geometry and physics has proven a valuable tool in image processing. More recently a class of deformable objects known as Point Distribution Models or Eigen Models have been introduced. These statistical models of deformation overcome some of the shortfalls of earlier deformable models by learning what is 'allowable' deformation, for an object class, from a training set of examples. This semi-automated learning procedure provides a more generic approach to object recognition, tracking and classification. Their strength lies in their simplicity and speed of operation, allowing the robust ability to model complex deformations in cluttered environments. However, the automated construction of such models leads to a breakdown of the fundamental assumptions upon which they are based. Primarily, that the underlying mathematical model is linear in nature. Furthermore, as more complex objects
Using unsupervised learning to guide resampling in imbalanced data sets
In Proceedings of the Eighth International Workshop on AI and Statistics, 2001
The class imbalance problem causes a classifier to overfit the data belonging to the class with the greatest number of training examples. The purpose of this paper is to argue that methods that equalize class membership are not as effective as possible when applied blindly and that improvements can be obtained by adjusting for the within-class imbalance. A guided resampling technique is proposed and tested within a simpler letter recognition domain and a more difficult text classification domain. A fast unsupervised clustering technique, Principal Direction Divisive Partitioning (PDDP), is used to determine the internal characteristics of each class. Performance in categories that suffer from a large between-class imbalance (few positive examples) is shown to improve when using the guided resampling method.
Building Temporal Models for Gesture Recognition
In Proc. BMVC, 2000
This work presents a piecewise linear approximation to nonlinear Point Distribution Models for modelling the human hand. The work utilises the natural segmentation of shape space, inherent to the technique, to apply temporal constraints which can be used with CONDENSATION to support multiple hypotheses and quantum leaps through shape space. This paper presents a novel method by which the one-state transitions of the English Language are projected into shape space for tracking and model prediction using a HMM-like approach. 1 Introduction Previous work by the author and other researchers has investigated statistical models of deformation [18]. These deformable models have been used to learn a priori shape and deformation from a training set of examples which represent the shape and deformation of an object or a class of objects. Models are typically constructed that know what is valid deformation but not when deformation is valid. This important temporal constraint is benef...
A Study on the Construction and Analysis of Substitution Boxes for Symmetric Cryptosystems
1990
S(ubstitution)-boxes are quite important components of modern symmetric cryptosystems (in particular, block ciphers) in the sense that S-boxes bring nonlinearity to block ciphers and strengthen their cryptographic security. An S-box is said to satisfy the strict avalanche criterion (SAC), if and only if for any single input bit of the S-box, the inversion of it changes each output bit with probability one half. In this thesis, with the concrete proof of cryptographical properties of S-boxes satisfying the SAC, we propose a variety of provable construction methods for S-boxes satisfying the SAC. For Boolean S-boxes satisfying the SAC, we can construct and enlarge them by using concatenation, Kronecker (or direct) product, and dyadic shift. For bijective S-boxes satisfying the SAC, when an n-bit input Boolean function and an n-bit input bijective function satisfying the SAC are given, the combined function is proved to become an (n+1)-bit bijective function satisfying the SAC as well. A...
From Differential Cryptanalysis to Ciphertext-Only Attacks
Lecture Notes in Computer Science 1462, Advances in Cryptology - Proceedings of CRYPTO'98, pp. 72-88, 1998
We present a method for efficient conversion of differential (chosen plaintext) attacks into the more practical known plaintext and ciphertext-only attacks. Our observation may save up to a factor of 2^20 in data over the known methods, assuming that plaintext is ASCII encoded English (or some other types of highly redundant data). We demonstrate the effectiveness of our method by practical attacks on the block cipher Madryga and on round-reduced versions of RC5 and DES.
A High-Speed Software DES Implementation
Computer Communications Research Group, 1989
This paper describes a high-speed software implementation of the Data Encryption Standard (DES) cipher algorithm and the design tradeoffs necessary for high-speed operation. Many of the techniques presented in this paper may be applicable to other product ciphers. 1 Introduction Data security is becoming more important as more information is sent across networks. Once information is injected into the network, it may be intercepted in any number of locations. One way to protect information, whether it is transmitted or remains on a host computer, is to encrypt it. A popular form of encryption is the Data Encryption Standard or DES. This paper describes a high-speed software implementation of the DES encryption algorithm. The encryption rate on a DEC 3100 or a Sun 4 is about 1.1 megabits per second. The implementation and the design tradeoffs necessary for high-speed encryption are described. Many of the techniques used in this paper may be applicable to other product ciphers. The first...