Results 1-10 of 20
Register-Transfer Level Estimation Techniques for Switching Activity and Power Consumption
in Proc. Int. Conf. Computer-Aided Design, 1996
Cited by 43 (3 self)
We present techniques for estimating switching activity and power consumption in register-transfer level (RTL) circuits. Previous work on this topic has ignored the presence of glitching activity at various data path and control signals, which can lead to significant underestimation of switching activity. For data path blocks that operate on word-level data, we construct piecewise linear models that capture the variation of output glitching activity and power consumption with various word-level parameters like mean, standard deviation, spatial and temporal correlations, and glitching activity at the block's inputs. For RTL blocks that operate on data that need not have an associated word-level value, we present accurate bit-level modeling techniques for glitching activity as well as power consumption. This allows us to perform accurate power estimation for control-flow intensive circuits, where most of the power consumed is dissipated in non-arithmetic components like multiplexers, regi...
Practical Zero-Knowledge Proofs: Giving Hints and Using Deficiencies
Journal of Cryptology, 1994
Cited by 32 (0 self)
New zero-knowledge proofs are given for some number-theoretic problems. All of the problems are in NP, but the proofs given here are much more efficient than the previously known proofs. In addition, these proofs do not require the prover to be superpolynomial in power. A probabilistic polynomial time prover with the appropriate trapdoor knowledge is sufficient. The proofs are perfect or statistical zero-knowledge in all cases except one.
A Scalable Hash Ripple Join Algorithm
SIGMOD, 2002
Cited by 20 (0 self)
Recently, Haas and Hellerstein proposed the hash ripple join algorithm in the context of online aggregation. Although the algorithm rapidly gives a good estimate for many join-aggregate problem instances, the convergence can be slow if the number of tuples that satisfy the join predicate is small or if there are many groups in the output. Furthermore, if memory overflows (for example, because the user allows the algorithm to run to completion for an exact answer), the algorithm degenerates to block ripple join and performance suffers. In this paper, we build on the work of Haas and Hellerstein and propose a new algorithm that (a) combines parallelism with sampling to speed convergence, and (b) maintains good performance in the presence of memory overflow. Results from a prototype implementation in a parallel DBMS show that its rate of convergence scales with the number of processors, and that when allowed to run to completion, even in the presence of memory overflow, it is competitive with the traditional parallel hybrid hash join algorithm.
Fraction-free Computation of Matrix Rational Interpolants and Matrix GCDs
2000
Cited by 18 (4 self)
We present a new set of algorithms for computation of matrix rational interpolants and one-sided matrix greatest common divisors. Examples of these interpolants include Padé approximants, Newton-Padé, Padé-Hermite, simultaneous Padé approximants and more generally M-Padé approximants along with their matrix generalizations. The algorithms are fast and compute all solutions to a given problem. Solutions for all (possibly singular) subproblems along off-diagonal paths in a solution table are also computed by stepping around singular blocks on some path corresponding to "closest" regular interpolation problems. The algorithms are suitable for computation in exact arithmetic domains where growth of coefficients in intermediate computations is a central concern. This coefficient growth is avoided by using fraction-free methods. At the same time the methods are fast in the sense that they are at least an order of magnitude faster than existing fraction-free methods for the corresponding problems. The methods make use of linear systems having a special striped Krylov structure. Key words: Hermite Padé approximant, simultaneous Padé approximant, striped Krylov matrices, fraction-free arithmetic. Subject Classifications: AMS(MOS): 65D05, 41A21, CR: G.1.2
Sparse polynomial arithmetic
SIGSAM Bull, 1974
Cited by 16 (0 self)
Sparse polynomial representations are used in a number of algebraic manipulation systems, including Altran. This paper discusses the arithmetic operations with sparsely represented polynomials; we give particular attention to multiplication and division. We give new algorithms for multiplying two polynomials, with n and m terms, in time mn log m; these algorithms have the property that, in the usual univariate dense case, the algorithm is bounded by mn. Division algorithms are discussed which run in comparable time. A univariate polynomial of degree d in an indeterminate x is usually represented as
Efficient Acceleration of Asymmetric Cryptography on Graphics Hardware
AFRICACRYPT 2009, 2009
Cited by 10 (1 self)
Graphics processing units (GPU) are increasingly being used for general purpose computing. We present implementations of large integer modular exponentiation, the core of public-key cryptosystems such as RSA, on a DirectX 10 compliant GPU. DirectX 10 compliant graphics processors are the latest generation of GPU architecture, which provide increased programming flexibility and support for integer operations. We present high performance modular exponentiation implementations based on integers represented in both standard radix form and residue number system form. We show how a GPU implementation of a 1024-bit RSA decrypt primitive can outperform a comparable CPU implementation by up to 4 times and also improve the performance of previous GPU implementations by decreasing latency by up to 7 times and doubling throughput. We present how an adaptive approach to modular exponentiation involving implementations based on both a radix and a residue number system gives the best all-around performance on the GPU both in terms of latency and throughput. We also highlight the usage criteria necessary to allow the GPU to reach peak performance on public key cryptographic operations.
On the Precision Attainable with Various Floating-Point Number Systems
IEEE Transactions on Computers, 1973
Cited by 8 (3 self)
For scientific computations on a digital computer the set of real numbers is usually approximated by a finite set F of “floating-point” numbers. We compare the numerical accuracy possible with different choices of F having approximately the same range and requiring the same word length. In particular, we compare different choices of base (or radix) in the usual floating-point systems. The emphasis is on the choice of F, not on the details of the number representation or the arithmetic, but both rounded and truncated arithmetic are considered. Theoretical results are given, and some simulations of typical floating-point computations (forming sums, solving systems of linear equations, finding eigenvalues) are described. If the leading fraction bit of a normalized base 2 number is not stored explicitly (saving a bit), and the criterion is to minimise the mean square roundoff error, then base 2 is best. If unnormalized numbers are allowed, so the first bit must be stored explicitly, then base 4 (or sometimes base 8) is the best of the usual systems. Index Terms: Base, floating-point arithmetic, radix, representation error, rms error, rounding error, simulation.
A New Approach to Server-Aided Secret Computation
International Conference on Information Security and Cryptology, 1998
Cited by 8 (2 self)
The Server-Aided Secret Computation (SASC) protocol enables the client (smart card) to borrow computing power from the server (an untrusted auxiliary device like an ATM) without revealing the secret information of the client. The previous approach is to decompose the client's secret information into many pieces and to reveal some of them to the server. It significantly accelerates the secret computation; however, there are some problems. Firstly, many pieces that have a linear relation enable an attacker to mount a probabilistic active attack, and this causes performance degradation of the SASC protocol. Secondly, the amount of communication and the server's computation is very large and proportional to security parameters. In this paper, we investigate a new approach to the SASC protocol for RSA signature generation. Our approach is to blind the client's secret information by using a series of random numbers rather than to decompose it. The proposed protocol is secure against all known attacks including the...
A Search for Wieferich and Wilson Primes
Mathematics of Computation, 1997
Cited by 6 (0 self)
Abstract. An odd prime p is called a Wieferich prime if $2^{p-1} \equiv 1 \pmod{p^2}$; alternatively, a Wilson prime if $(p-1)! \equiv -1 \pmod{p^2}$. To date, the only known Wieferich primes are p = 1093 and 3511, while the only known Wilson primes are p = 5, 13, and 563. We report that there exist no new Wieferich primes $p < 4 \times 10^{12}$, and no new Wilson primes $p < 5 \times 10^{8}$. It is elementary that both defining congruences above hold merely (mod p), and it is sometimes estimated on heuristic grounds that the “probability” that p is Wieferich (independently: that p is Wilson) is about 1/p. We provide some statistical data relevant to occurrences of small values of the pertinent Fermat and Wilson quotients (mod p). Wieferich primes figure strongly in classical treatments of the first case of Fermat’s Last Theorem (“FLT(I)”). For an odd prime p not dividing xyz, Wieferich