Results 1-10 of 50
Feedback shift registers, 2adic span, and combiners with memory
 Journal of Cryptology
, 1997
Cited by 51 (7 self)
Feedback shift registers with carry operation (FCSRs) are described, implemented, and analyzed with respect to memory requirements, initial loading, period, and distributional properties of their output sequences. Many parallels with the theory of linear feedback shift registers (LFSRs) are presented, including a synthesis algorithm (analogous to the Berlekamp-Massey algorithm for LFSRs) which, for any pseudorandom sequence, constructs the smallest FCSR which will generate the sequence. These techniques are used to attack the summation cipher. This analysis gives a unified approach to the study of pseudorandom sequences, arithmetic codes, combiners with memory, and the Marsaglia-Zaman random number generator. Possible variations on the FCSR architecture are indicated at the end. Index Terms: Binary sequence, shift register, stream cipher, combiner with memory, cryptanalysis, 2-adic numbers, arithmetic code, 1/q sequence, linear span.
Fast Modular Transforms
, 1974
Cited by 28 (0 self)
It is shown that if division and multiplication in a Euclidean domain can be performed in $O(N \log^a N)$ steps, then the residues of an $N$ precision element in the domain can be computed in $O(N \log^{a+1} N)$ steps. A special case of this result is that the residues of an $N$ precision integer can be computed in $O(N \log^2 N \log \log N)$ total operations. Using a polynomial division algorithm due to Strassen [24], it is shown that a polynomial of degree $N-1$ can be evaluated at $N$ points in $O(N \log^2 N)$ total operations or $O(N \log N)$ multiplications. Using the methods of Horowitz [10] and Heindel [9], it is shown that if division and multiplication in a Euclidean domain can be performed in $O(N \log^a N)$ steps, then the Chinese Remainder Algorithm (CRA) can be performed in $O(N \log^{a+1} N)$ steps. Special cases are: (a) the integer CRA can be performed in $O(N \log^2 N \log \log N)$ total operations, and (b) a polynomial of degree $N-1$ can be interpolated in $O(N \log^2 N)$ total operations or $O(N \log N)$ multiplications. Using these results, it is shown that a polynomial of degree $N$ and all its derivatives can be evaluated at a point in $O(N \log^2 N)$ total operations.
Wavelet transforms associated with finite cyclic groups
 IEEE Trans. Inform. Theory
, 1993
Cited by 15 (0 self)
Abstract: Multiresolution analysis via decomposition on wavelet bases has emerged as an important tool in the analysis of signals and images when these objects are viewed as sequences of complex or real numbers. An important class of multiresolution decompositions are the so-called Laplacian pyramid schemes, in which the resolution is successively halved by recursively lowpass filtering the signal under analysis and decimating it by a factor of two. Generally speaking, the principal framework within which multiresolution techniques have been studied and applied is the same as that used in the discrete-time Fourier analysis of sequences of complex numbers. An analogous framework is developed for the multiresolution analysis of finite-length sequences of elements from arbitrary fields. Attention is restricted to sequences of length $2^n$ for $n$ a positive integer, so that the resolution may be recursively halved to completion. As in finite-length Fourier analysis, a cyclic group structure of the index set of such sequences is exploited to characterize the transforms of interest for the particular cases of complex and finite fields. This development is motivated by potential applications in areas such as digital signal processing and algebraic coding, in which cyclic Fourier analysis has found widespread applications. Index Terms: Multiresolution analysis, wavelet transforms, Laplacian pyramid, finite fields, cyclic group, quadrature mirror filters.
Large Period Nearly de Bruijn FCSR Sequences (Extended Abstract)
 In L.C. Guillou and J.J. Quisquater, editors, Advances in Cryptology - Eurocrypt '95
, 1995
Cited by 10 (4 self)
Recently, a new class of feedback shift registers (FCSRs) was introduced, based on algebra over the 2-adic numbers. The sequences generated by these registers have many algebraic properties similar to those generated by linear feedback shift registers. However, it appears to be significantly more difficult to find maximal period FCSR sequences. In this paper we exhibit a technique for easily finding FCSRs that generate nearly maximal period sequences. We further show that these sequences have excellent distributional properties. They are balanced, and nearly have the de Bruijn property for distributions of subsequences.
A New Algorithm for Multiplication in Finite Fields
 IEEE Trans. Computers
, 1989
On Moduli Replication for Residue Arithmetic Computations of Complex Inner Products
 IEEE Trans. Comp
, 1990
Finite field polynomial multiplication in the frequency domain with application to elliptic curve cryptography
 In Proceedings of the 21st International Symposium on Computer and Information Sciences (ISCIS 2006), volume 4263 of Lecture Notes in Computer Science (LNCS)
, 2006
Cited by 5 (3 self)
Abstract. We introduce an efficient method for computing Montgomery products of polynomials in the frequency domain. The discrete Fourier transform (DFT) based method originally proposed for integer multiplication provides an extremely efficient method with the best asymptotic complexity, i.e. $O(m \log m \log \log m)$, for multiplication of $m$-bit integers or $(m-1)$st degree polynomials. However, the original DFT method bears significant overhead due to the conversions between the time and the frequency domains, which makes it impractical for short operands as used in many applications. In this work, we introduce DFT modular multiplication, which performs the entire modular multiplication (including the reduction step) in the frequency domain, and thus eliminates costly back and forth conversions. We show that, especially in computationally constrained platforms, multiplication of finite field elements may be achieved more efficiently in the frequency domain than in the time domain for operand sizes relevant to elliptic curve cryptography (ECC). To the best of our knowledge, this is the first work that proposes the use of frequency domain arithmetic for ECC and shows that it can be efficient. Key Words: Finite field multiplication, DFT, elliptic curve cryptography.
Computation of convolutions and discrete Fourier transforms by polynomial transforms
 IBM J. Res. Develop
, 1978
Cited by 4 (0 self)
Abstract: Discrete transforms are introduced and are defined in a ring of polynomials. These polynomial transforms are shown to have the convolution property and can be computed in ordinary arithmetic, without multiplications. Polynomial transforms are particularly well suited for computing discrete two-dimensional convolutions with a minimum number of operations. Efficient algorithms for computing one-dimensional convolutions and Discrete Fourier Transforms are then derived from polynomial transforms.
On the design and implementation of efficient zero-knowledge proofs of knowledge
 In Software Performance Enhancements for Encryption and Decryption and Cryptographic Compilers (SPEED-CC 09)
Cited by 3 (2 self)
Abstract. Zero-knowledge proofs of knowledge (ZKPoK) play an important role in many cryptographic applications. Direct anonymous attestation (DAA) and the identity mixer anonymous authentication system are first real world applications using ZKPoK as building blocks. But although they have been used for many years now, the design and implementation of sound ZKPoK remains challenging. In fact, there are security flaws in various protocols found in the literature. Especially for non-experts in the field it is often hard to design ZKPoK, since a unified and easy to use theoretical framework for ZKPoK is missing. With this paper we overcome important challenges and facilitate the design and implementation of efficient and sound ZKPoK in practice. First, Camenisch et al. have presented at EUROCRYPT 2009 a first unified and modular theoretical framework for ZKPoK. This is compelling, but makes use of a rather inefficient 6-move protocol. We extend and improve their framework in terms of efficiency and show how to realize it using efficient 3-move Σ-protocols. Second, we perform an exact security and efficiency analysis for our new protocol and various protocols found in the literature. The analysis yields novel and perhaps surprising results and insights. It reveals for instance that using a 2048 bit RSA modulus, as specified in the DAA standard, only guarantees an upper bound on the success probability of a malicious prover between $1/2^{4}$ and $1/2^{24}$. Also, based on that analysis we show how to select the most efficient protocol to realize a given proof goal. Finally, we also provide low-level support to a designer by presenting a compiler realizing our framework and optimization techniques, allowing easy implementation of efficient and sound protocols.
Video filtering with Fermat number theoretic transforms using residue number system
 IEEE Transactions on Circuits and Systems for Video Technology
, 2006
Cited by 2 (0 self)
Abstract: We investigate image and video convolutions based on Fermat number transform (FNT) modulo = 2 + 1 where is an integer power of two. These transforms are found to be ideal for image convolutions, except that the choices for the word length, restricted by the transform modulus, are rather limited. We discuss two methods to overcome this limitation. First, we allow to be an arbitrary integer. This gives much wider variety in possible moduli, at the cost of decreased transform length of 16 or 32 points for 32. Nevertheless, the transform length appears still to be useful, especially with block-based image and video filtering applications. We call these transforms the generalized FNT (GFNT). The second solution is to use a residue number system (RNS) to enlarge the effective modulus, while performing actual number theoretic transforms with smaller moduli. This approach appears to be particularly useful with moduli