A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Filters
Faster Gaussian Lattice Sampling Using Lazy Floating-Point Arithmetic
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
We study how much lattice sampling can be sped up using floating-point arithmetic. ...
Many lattice cryptographic primitives require an efficient algorithm to sample lattice points according to some Gaussian distribution. ...
Stehlé for useful discussions. We also thanks anonymous reviewers for their comments. ...
doi:10.1007/978-3-642-34961-4_26
fatcat:t25kgluslbepng5md64cnw34vu
Generic, Efficient and Isochronous Gaussian Sampling over the Integers
[article]
2021
IACR Cryptology ePrint Archive
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Gaussian sampling over the integers is one of the fundamental building blocks of lattice-based cryptography. Among the extensively used trapdoor sampling algorithms, it's ineluctable until now. ...
The new COSAC sampler is 1.46x-1.63x faster than the original and has the lowest expected number of trials among all Gaussian samplers based on rejection samplings. ...
In our implementation of Algorithm 2, we use the double type meeting the IEEE-754 standard in the floating-point arithmetics and 64-bit integers to approximate the floating numbers u 2 , r 2 , r 3 , so ...
dblp:journals/iacr/SunZJZT21
fatcat:2vaie4drvvdjfly5ckfindlioi
On Rejection Sampling Algorithms for Centered Discrete Gaussian Distribution over Integers
[article]
2017
IACR Cryptology ePrint Archive
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
The first algorithm is designed for the case where σ is an positive integer, and it requires neither pre-computation storage nor floating-point arithmetic. ...
Discrete Gaussian sampling is one of fundamental operations in many lattice-based cryptosystems. ...
All of them do not use floating-point arithmetic. ...
dblp:journals/iacr/DuW17
fatcat:jhij5dosejdu5jkgxueg6pqj5a
Gaussian Sampling over the Integers: Efficient, Generic, Constant-Time
[chapter]
2017
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
As an additional contribution, we present new analytical techniques that can be used to simplify the precision/security evaluation of floating point cryptographic algorithms, and an experimental comparison ...
Sampling integers with Gaussian distribution is a fundamental problem that arises in almost every application of lattice cryptography, and it can be both time consuming and challenging to implement. ...
Acknowledgment We thank the authors of [10] for providing the source code of their implementation of different discrete Gaussian samplers. ...
doi:10.1007/978-3-319-63715-0_16
fatcat:z4d7lkqllnhnfeggaz5q4gu3gu
Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
sampling in a single unit. ...
We hope that this contribution helps to pave the way for the deployment of ideal lattice-based encryption in future real-world systems. ...
This method has been implemented in software in [22] but the success rate is only approximately 20 % and requires costly floating point arithmetic (cf. to the laziness approach in [16] ). ...
doi:10.1007/978-3-662-43414-7_4
fatcat:2zkqm5obynehvomvienyqizocm
High-Performance Ideal Lattice-Based Cryptography on 8-Bit ATxmega Microcontrollers
[chapter]
2015
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
These results outperform implementations on similar platforms and underline the feasibility of lattice-based cryptography on constrained devices. ...
Over the last years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. ...
For efficiency reasons we just work with the binary expansion of the fractional part instead of floating point arithmetic as all numbers used are smaller than 1.0. ...
doi:10.1007/978-3-319-22174-8_19
fatcat:tqcfnspcavcktf4m5ymte47zqm
Implementing BP-Obfuscation Using Graph-Induced Encoding
2017
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We expect that these optimizations will find other uses in lattice-based cryptography beyond just obfuscation. ...
These include new variants of discrete Gaussian sampler and lattice trapdoor sampler, efficient matrix-manipulation routines, and many tradeoffs. ...
FLINT only uses scalar integer arithmetic -it does not use any floating point. For matrix multiplication, it uses Strassen's recursive algorithm. ...
doi:10.1145/3133956.3133976
dblp:conf/ccs/HaleviHSS17
fatcat:jity63zaj5hxzgiyecobtwze7u
Enhanced Lattice-Based Signatures on Reconfigurable Hardware
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
However, due to the complex sampling of Gaussian noise with high precision, it is not clear whether this scheme can be mapped efficiently to embedded devices. ...
Even though the authors of Bliss also proposed a new sampling algorithm using Bernoulli variables this approach is more complex than previous methods using large precomputed tables. ...
operations and its costly requirement on high precision floating point arithmetic. ...
doi:10.1007/978-3-662-44709-3_20
fatcat:w77dq4yzeje65prje64pgrmkqa
Post-quantum Key Exchange - A New Hope
2016
USENIX Security Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
By these measures and for the same lattice dimension, we more than double the security parameter, halve the communication overhead, and speed up computation by more than a factor of 8 in a portable C implementation ...
We are thankful to Mike Hamburg and to Paul Crowley for pointing out mistakes in a previous version of this paper, and we are thankful to Isis Lovecruft for thoroughly proofreading the paper and for suggesting ...
It does not use any floating-point arithmetic and outside the Keccak (SHA3-256 and SHAKE-128) implementation only needs 16-bit and 32-bit integer arithmetic. ...
dblp:conf/uss/AlkimDPS16
fatcat:sm6jbq2bmjca7naxguje35mhqm
Public Key Cryptography on Hardware Platforms: Design and Analysis of Elliptic Curve and Lattice-based Cryptoprocessors
2017
Zenodo
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
These cryptographic schemes perform arithmetic operations in a polynomial ring and require sampling from a discrete Gaussian distribution. ...
We optimize the scalar conversion which is an important part of point multiplication, and we introduce lightweight countermeasures against timing and power side-channel attacks. ...
A.2 Hardware architecture We use these optimizations to design a high-speed and pipelined scalar conversion architecture. The architecture is described in details our publication ...
doi:10.5281/zenodo.2643389
fatcat:sozmpjtc3jbddpgdqa7cic24k4
Efficient implementation of ideal lattice-based cryptography
2017
it - Information Technology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
While quantum computers powerful enough to break currently used parameter sets are not available yet, they are heavily researched and expected to reach maturity in 15 to 20 years. ...
One alternative is lattice-based cryptography which allows the construction of asymmetric public-key encryption and signature schemes that offer a good balance between security, performance, and key as ...
Simple rejection sampling using floating-point arithmetic is definitely too costly, especially on an FPGA without hardware supported floating point operations. ...
doi:10.1515/itit-2017-0030
fatcat:mpmamskk25h3lbyshy4rfd4y4y
Efficient Software Implementation of Ring-LWE Encryption on IoT Processors
2017
IEEE transactions on computers
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Regarding of the sampling from the discrete Gaussian distribution, we adopt Knuth-Yao sampler, accompanied with optimized methods such as Look-Up Table ( LUT) and byte-scanning. ...
These results are at least 7 times faster than the fastest ECC implementation on desired platforms with same security level. ...
The ARM Cortex A9 provides highly configurable L1 caches, and optional NEON and Floating-point extensions. ...
doi:10.1109/tc.2017.2750146
fatcat:i27eye5lprcolcnnlyim5n5thm
Software Speed Records for Lattice-Based Signatures
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Recently, lattice-based constructions were proposed that combine both properties, such as the lattice-based digital signature scheme presented at CHES 2012. ...
Lazy reduction. The prime p has 23 bits. A double-precision floating-point value has a 53-bit mantissa and one sign bit. ...
We represent each 512-coefficient polynomial as an array of 512 double-precision floating-point values. ...
doi:10.1007/978-3-642-38616-9_5
fatcat:fzfoq3pvjrdlhcno2sx2nnxz4i
LLL on the Average
[chapter]
2006
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2007; you can also visit the original URL.
The file type is application/pdf.
A lattice has infinitely many bases (except in trivial dimension ≤ 1), but some are more useful than others. ...
The subject had a revival with Lenstra's celebrated work on integer programming [19, 20] , which used an approximate ⋆ ...
Currently, the most efficient provable variant of L 3 known in case of large entries, called L 2 , is due to Nguyen and Stehlé [23] , and is based on floating-point arithmetic. ...
doi:10.1007/11792086_18
fatcat:3dadjzy36vfnpfu5lddnqp7uii
High Precision Discrete Gaussian Sampling on FPGAs
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Lattice-based public key cryptography often requires sampling from discrete Gaussian distributions. ...
Furthermore, we propose optimization techniques to store the probabilities of the sample points in near-optimal space. ...
Sampling with negligible statistical distance however either requires high precision floating arithmetic or large precomputed tables. ...
doi:10.1007/978-3-662-43414-7_19
fatcat:gzi4snfttjab5djnoe52o52bvu
« Previous
Showing results 1 — 15 out of 57 results