Results 1–10 of 22
Automatic Generation of Polynomial Loop Invariants: Algebraic Foundations
In International Symposium on Symbolic and Algebraic Computation 2004 (ISSAC04), 2004
Abstract
Cited by 29 (4 self)
This paper presents the algebraic foundation for an approach for generating polynomial loop invariants in imperative programs. It is first shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Using this connection, a procedure for finding loop invariants is given in terms of operations on ideals, for which Gröbner basis constructions can be employed. Most importantly, it is proved that if the assignment statements in a loop are solvable (in particular, affine) mappings with positive eigenvalues, then the procedure terminates in at most 2m + 1 iterations, where m is the number of variables in the loop. The proof is done by showing that the irreducible subvarieties of the variety associated with the polynomial ideal approximating the invariant polynomial ideal of the loop either stay the same or increase their dimension in every iteration. This yields a correct and complete algorithm for inferring conjunctions of polynomial equations as invariants. The method has been implemented in Maple using the Groebner package. The implementation has been used to automatically discover nontrivial invariants for several examples to illustrate the power of the techniques.
Fast Generation of Prime Numbers and Secure Public-Key Cryptographic Parameters
1995
Abstract
Cited by 21 (0 self)
A very efficient recursive algorithm for generating nearly random provable primes is presented. The expected time for generating a prime is only slightly greater than the expected time required for generating a pseudoprime of the same size that passes the Miller-Rabin test for only one base. Therefore our algorithm is even faster than presently used algorithms for generating only pseudoprimes, because several Miller-Rabin tests with independent bases must be applied for achieving a sufficient confidence level. Heuristic arguments suggest that the generated primes are close to uniformly distributed over the set of primes in the specified interval. Security constraints on the prime parameters of certain cryptographic systems are discussed, and in particular a detailed analysis of the iterated encryption attack on the RSA public-key cryptosystem is presented. The prime generation algorithm can easily be modified to generate nearly random primes or RSA moduli that satisfy t...
An abstract interpretation approach for automatic generation of polynomial invariants
In 11th Static Analysis Symposium, 2004
Abstract
Cited by 15 (4 self)
A method for generating polynomial invariants of imperative programs is presented using the abstract interpretation framework. It is shown that for programs with polynomial assignments, an invariant consisting of a conjunction of polynomial equalities can be automatically generated for each program point. The proposed approach takes into account tests in conditional statements as well as in loops, insofar as they can be abstracted to be polynomial equalities and disequalities. The semantics of each statement is given as a transformation on polynomial ideals. Merging of paths in a program is defined as the intersection of the polynomial ideals associated with each path. For a loop junction, a widening operator based on selecting polynomials up to a certain degree is proposed. The algorithm for finding invariants using this widening operator is shown to terminate in finitely many steps. The proposed approach has been implemented and successfully tried on many programs. A table providing details about the programs is given.
Implementation of fast RSA key generation on smart cards
ACM Symposium on Applied Computing, 2002
Abstract
Cited by 7 (0 self)
Although smart cards are being used in an increasing number of applications, there is little literature on the implementation issues for smart cards. This paper describes the issues and considerations that need to be taken into account when implementing the key generation step of a cryptographic algorithm widely used nowadays, RSA. Smart cards are used in many applications that require a tamper-resistant area. Therefore, smart cards that use cryptography have to provide encryption, decryption, as well as key generation inside their security perimeter. RSA key generation is a concern for on-card implementation of the RSA cryptosystem, as it usually takes a long time. In this paper, two simple but efficient key generation algorithms are evaluated, in addition to a simple but not very efficient algorithm. The paper discusses in detail how to build fast implementations for the three algorithms presented, using smart cards with a crypto-coprocessor.
Low exponent attack against elliptic curve RSA
1995
Abstract
Cited by 5 (0 self)
Hastad showed that low exponent RSA is not secure if the same message is encrypted to several receivers. This is true even if a timestamp is used for each receiver. For example, let e = 3. Then if the number of receivers = 7, the eavesdropper can find the plaintext from the seven ciphertexts of each receiver. This paper shows that elliptic curve RSA is not secure in the same scenario. It is shown that the KMOV scheme and Demytko's scheme are not secure if e = 5; n 2 1024 and the number of receivers = 428. In Demytko's scheme, e can take the value of 2. In this case, this system is not secure if the number of receivers = 11 for n 2 175.

1 Introduction

Hastad showed that low exponent RSA is not secure if the same message is encrypted to several receivers [1]. This is true even if a timestamp is used for each receiver. For example, let e = 3. Then if the number of receivers = 7, the eavesdropper can find the plaintext from the seven ciphertexts of each receiver. On the other hand, el...
Some Primality Testing Algorithms
Notices of the AMS, 1993
Abstract
Cited by 3 (0 self)
We describe the primality testing algorithms in use in some popular computer algebra systems, and give some examples where they break down in practice.

1 Introduction

In recent years, fast primality testing algorithms have been a popular subject of research and some of the modern methods are now incorporated in computer algebra systems (CAS) as standard. In this review I give some details of the implementations of these algorithms and a number of examples where the algorithms prove inadequate. The algebra systems reviewed are Mathematica, Maple V, Axiom and Pari/GP. The versions we were able to use were Mathematica 2.1 for Sparc, copyright dates 1988–1992; Maple V Release 2, copyright dates 1981–1993; Axiom Release 1.2 (version of February 18, 1993); Pari/GP 1.37.3 (Sparc version, dated November 23, 1992). The tests were performed on Sparc workstations. Primality testing is a large and growing area of research. For further reading and comprehensive bibliographies, the interested re...
The Number of Relations in the Quadratic Sieve Algorithm
1996
Abstract
Cited by 2 (0 self)
The subject of our study is the single large prime variation of the quadratic sieve algorithm. We derive a formula for the average numbers of complete and incomplete relations per polynomial, directly generated by the algorithm. The number of additional complete relations from the incomplete relations is then computed by a known formula. Hence practical hints for the optimal choice of the parameter values can be derived. We further compare theoretical estimates for the total number of smooth integers in an interval with countings in practice.

AMS Subject Classification (1991): 11A51, 11Y05
CR Subject Classification (1991): F.2.1
Keywords & Phrases: Factorization, Multiple Polynomial Quadratic Sieve, Vector supercomputer, Cluster of workstations

1. Introduction

We assume that the reader is familiar with the multiple polynomial quadratic sieve algorithm [Bre89, Pom85, PST88, Sil87, RLW89]. We consider the single large prime variation of the algorithm and write MPQS for short. If we ...
A one-parameter quadratic-base version of the Baillie–PSW probable prime test
Math. Comp.
Abstract
Cited by 2 (0 self)
The well-known Baillie–PSW probable prime test is a combination of a Rabin–Miller test and a "true" (i.e., with (D/n) = −1) Lucas test. Arnault mentioned in a recent paper that no precise result is known about its probability of error. Grantham recently provided a probable prime test (RQFT) with probability of error less than 1/7710, and pointed out that the lack of counterexamples to the Baillie–PSW test indicates that the true probability of error may be much lower. In this paper we first define pseudoprimes and strong pseudoprimes to quadratic bases with one parameter: T_u = T mod (T^2 − uT + 1), and define the base-counting functions: B(n) = #{u : 0 ≤ u < n, n is a psp(T_u)} and SB(n) = #{u : 0 ≤ u < n, n is an spsp(T_u)}. Then we give explicit formulas to compute B(n) and SB(n), and prove that, for odd composites n, B(n) < n/2 and SB(n) < n/8, and point out that these are best possible. Finally, based on one-parameter quadratic-base pseudoprimes, we provide a probable prime test, called the One-Parameter Quadratic-Base Test (OPQBT), which is passed by all primes ≥ 5 and passed by an odd composite n = p_1^{r_1} p_2^{r_2} ··· p_s^{r_s} (p_1 < p_2 < ··· < p_s odd primes) with probability of error τ(n). We give explicit formulas to compute τ(n), and prove that
The Quadratic Sieve Factoring Algorithm
2001
Abstract
Cited by 1 (0 self)
Mathematicians have been attempting to find better and faster ways to factor composite numbers since the beginning of time. Initially this involved dividing a number by larger and larger primes until you had the factorization. This trial division was not improved upon until Fermat applied the
Advantages of Parallel Processing and the Effects of Communications Time
Abstract
Cited by 1 (0 self)
Many computing tasks involve heavy mathematical calculations, or analyzing large amounts of data. These operations can take a long time to complete using only one computer. Networks such as the Internet provide many computers with the ability to communicate with each other. Parallel or distributed computing takes advantage of these networked computers by arranging them to work together on a problem, thereby reducing the time needed to obtain the solution. The drawback to using a network of computers to solve a problem is the time wasted in communicating between the various hosts. The application of distributed computing techniques to a space environment or to use over a satellite network would therefore be limited by the amount of time needed to send data across the network, which would typically take much longer than on a terrestrial network. This experiment shows how much faster a large job can be performed by adding more computers to the task, what role communications time plays in ...