Results 1 - 9 of 9
A small depth-16 circuit for the aes s-box
In Dimitris Gritzalis, Steven Furnell, and Marianthi Theoharidou, editors, SEC, volume 376 of IFIP Advances in Information and Communication Technology, 2012
Abstract - Cited by 9 (1 self)
New techniques for reducing the depth of circuits for cryptographic applications are described and applied to the AES S-box. These techniques also keep the number of gates quite small. The result, when applied to the AES S-box, is a circuit with depth 16 and only 128 gates. For the inverse, it is also depth 16 and has only 127 gates. There is a shared middle part, common to both the S-box and its inverse, consisting of 63 gates.
T.: Solving circuit optimisation problems in cryptography and cryptanalysis. E-print can be found at http://eprint.iacr.org/2011/475.pdf
Abstract - Cited by 7 (1 self)
Abstract. One of the hardest problems in computer science is the problem of gate-efficient implementation. Such optimizations are particularly important in industrial hardware implementations of standard cryptographic algorithms. In this paper we focus on optimizing some small circuits such as S-boxes in cryptographic algorithms. We consider the notion of Multiplicative Complexity, a new important notion of complexity introduced in 2008 by Boyar and Peralta and applied to find interesting optimizations for the S-box of the AES cipher
supervised by
, 2008
Abstract - Cited by 2 (0 self)
Systems at University College London. It is substantially the result of my own work except where explicitly indicated in the text. The report may be freely copied and distributed provided the source is explicitly acknowledged. Spike sorting is the task of grouping action potentials observed in extracellular electrophysiological recordings by source neuron. In this thesis a new incremental spike sorting model is proposed that accounts for action potential waveform drift over time, automatically eliminates refractory period violations, and can handle “appearance” and “disappearance” of neurons during the course of the recording. The approach is to augment a known time-varying Dirichlet process that ties together a sequence of infinite Gaussian mixture models, one per action potential waveform observation, with an interspike-interval-dependent term that prohibits refractory period violations. The relevant literature on spike sorting as well as (time-varying) Dirichlet process mixture models is reviewed and the new spike sorting model is described in detail, including Monte Carlo methods for performing inference in the model. The performance of the model is compared to two recent spike sorting methods on synthetic data sets as well as on neural data recordings for which a partial ground truth labeling is known. It is shown that the model performs no worse on stationary data and compares favorably if the data contains waveform change over time. Additionally, the behaviour of the model under different parameter settings and under difficult conditions is assessed and possible extensions of the model are discussed.
Optimizing the AES S-box using SAT
In Proc. International Workshop on Implementation of Logics (IWIL)
Abstract - Cited by 1 (1 self)
In this paper we describe the implementation of a technique for minimizing XOR circuits used in cryptographic algorithms. More precisely, we present our work from [4] for encoding this synthesis problem to SAT with a focus on the case study of optimizing an important component of the Advanced Encryption Standard (AES) [8]. In addition to these previously published
Synchronous Counting and Computational Algorithm Design
Abstract - Cited by 1 (1 self)
Abstract. Consider a complete communication network on n nodes, each of which is a state machine with s states. In synchronous 2-counting, the nodes receive a common clock pulse and they have to agree on which pulses are “odd” and which are “even”. We require that the solution is self-stabilising (reaching the correct operation from any initial state) and it tolerates f Byzantine failures (nodes that send arbitrary misinformation). Prior algorithms are expensive to implement in hardware: they require a source of random bits or a large number of states s. We use computational techniques to construct very compact deterministic algorithms for the first non-trivial case of f = 1. While no algorithm exists for n < 4, we show that as few as 3 states are sufficient for all values n ≥ 4. We prove that the problem cannot be solved with only 2 states for n = 4, but there is a 2-state solution for all values n ≥ 6.
Novel Value Ordering Heuristics Using Non-Linear Optimization In Boolean Satisfiability, 2012
Three Years of Experience with Sledgehammer, a Practical Link between Automatic and Interactive Theorem Provers (invited talk)
Synthesizing Shortest XOR Circuits using SAT, 2015
Abstract
In this paper we introduce a technique to find the minimal number of gates in a circuit of XOR gates in linear straight-line programs and the application of this technique to cryptography. The technique simply consists of two steps. The first step focuses on reducing the associated decision problem to satisfiability of propositional logic and the second step presents the optimization of the associated decision problem using SAT-solvers.
Exact Logic Minimization and Multiplicative Complexity of Concrete Algebraic and Cryptographic Circuits
Abstract
Abstract—Two very important NP-hard problems in the area of computational complexity are the problems of Matrix Multiplication (MM) and Circuit Optimization. Solving particular cases of such problems yields improvements in many other problems, as they are core sub-routines implemented in many other algorithms. However, obtaining optimal solutions is an intractable problem since the space to explore for each problem is exponentially large. All suggested methodologies rely on well-chosen heuristics, selected according to the topology of the specific problem. Such heuristics may yield efficient and acceptable solutions but they do not guarantee that no better can be done. In this paper, we suggest a general framework for obtaining solutions to such problems. We have developed a 2-step methodology, where in the first place we describe algebraically the problem and then we convert it to a SAT-CNF problem, which