Rounded Gaussians
[chapter]
2018
Lecture Notes in Computer Science
This paper suggests to use rounded Gaussians in place of discrete Gaussians in rejection-sampling-based lattice signature schemes like BLISS. ...
We show that this distribution can efficiently be sampled from while additionally making it easy to sample in constant time, systematically avoiding recent timing-based side-channel attacks on lattice-based ...
We present a constant-time implementation of rounded Gaussians suitable for the BLISS-I parameter set and show that it is more than twice as fast as a sampler based on cumulative distribution tables (CDT ...
doi:10.1007/978-3-319-76581-5_25
fatcat:pvokbzzg4vekrbrtdnnta6xgbm
Sapphire: A Configurable Crypto-Processor for Post-Quantum Lattice-based Protocols
[article]
2019
arXiv
pre-print
Sapphire can be programmed with custom instructions for polynomial arithmetic and sampling, and it is coupled with a low-power RISC-V micro-processor to demonstrate NIST Round 2 lattice-based CCA-secure ...
All key building blocks of Sapphire are constant-time and secure against timing and simple power analysis side-channel attacks. ...
Acknowledgements The authors would like to thank Texas Instruments for funding this work, the TSMC University Shuttle Program for chip fabrication support, and Bluespec, Xilinx, Cadence, Synopsys and Mentor ...
arXiv:1910.07557v1
fatcat:suymd56szfe5fas2vxncdbu5h4
Software Speed Records for Lattice-Based Signatures
[chapter]
2013
Lecture Notes in Computer Science
The most critical issue on the construction of such cryptosystems is to achieve security and practicability at the same time. ...
Recently, lattice-based constructions were proposed that combine both properties, such as the lattice-based digital signature scheme presented at CHES 2012. ...
Acknowledgments We would like to thank Michael Schneider, Vadim Lyubashevsky, and the anonymous reviewers for their helpful comments. ...
doi:10.1007/978-3-642-38616-9_5
fatcat:fzfoq3pvjrdlhcno2sx2nnxz4i
Fast Number Theoretic Transform for Ring-LWE on 8-bit AVR Embedded Processor
2020
Sensors
We focused on the optimized modular multiplication with secure countermeasure (i.e., constant timing), which ensures high performance and prevents timing attack and simple power analysis. ...
For the encryption of 256-bit security level, 1,430,601 and 2,042,474 clock cycles are required for H/W and S/W AES-based implementations, respectively. ...
Discrete Gaussian Sampling Discrete Gaussian sampling is an important part of Ring-LWE scheme. For the fast sampling method, we adopted the Knuth-Yao sampler method with byte-scanning [28, 35] . ...
doi:10.3390/s20072039
pmid:32260497
fatcat:lhyenpnuyre75jthlklvyumyr4
Fast Discretized Gaussian Sampling and Post-quantum TLS Ciphersuite
[chapter]
2017
Lecture Notes in Computer Science
LWE/RLWE-based cryptosystems require sampling error term from discrete Gaussian distribution. ...
In this paper, we introduce a more efficient discretized Gaussian sampler based on ziggurat sampling algorithm. ...
Our Fast Discretized Gaussian Sampling and Statistical Quality Analysis Our sampler is designed directly based on original ziggurat sampling algorithm, which is designed for continuous Gaussian distribution ...
doi:10.1007/978-3-319-72359-4_33
fatcat:ab6jit5mzfhoha6s4opyl37zgy
Gaussian Sampling over the Integers: Efficient, Generic, Constant-Time
[chapter]
2017
Lecture Notes in Computer Science
We present new algorithms for discrete Gaussian sampling that are both generic (application independent), efficient, and more easily implemented in constant time without incurring a substantial slow-down ...
Sampling integers with Gaussian distribution is a fundamental problem that arises in almost every application of lattice cryptography, and it can be both time consuming and challenging to implement. ...
Acknowledgment We thank the authors of [10] for providing the source code of their implementation of different discrete Gaussian samplers. ...
doi:10.1007/978-3-319-63715-0_16
fatcat:z4d7lkqllnhnfeggaz5q4gu3gu
Fast and Power-Analysis Resistant Ring Lizard Crypto-processor based on the Sparse Ternary Property
2019
IEEE Access
However, in this paper, we present the RLizard crypto-processor with the improved processing speed and security level against power analysis attacks. ...
In addition, our idea can be applied to other ideal-lattice-based cryptosystems using a sparse binary or ternary polynomial, such as NTRU and Round5. ...
ACKNOWLEDGMENT The authors would like to thank Jae Hong Seo at Hanyang University and Mun-Kyu Lee at Inha University, who gave us comments and reviewed this manuscript. ...
doi:10.1109/access.2019.2929299
fatcat:fv37mmw6pzfv7lqxd6jfs43hru
Faster Gaussian Sampling for Trapdoor Lattices with Arbitrary Modulus
[chapter]
2018
Lecture Notes in Computer Science
We present improved algorithms for gaussian preimage sampling using the lattice trapdoors of (Micciancio and Peikert, CRYPTO 2012). ...
As an additional contribution, we give a new, quasi-linear time algorithm for the off-line perturbation sampling phase of MP12 in the ring setting. ...
Acknowledgment We thank Léo Ducas, Yuriy Polyakov, Kurt Rohloff, and Michael Walter for their helpful discussions as well as the anonymous reviewers for their helpful feedback and suggestions. ...
doi:10.1007/978-3-319-78381-9_7
fatcat:6gq4fd5tffc63bxtr6yo3xhsy4
Arithmetic coding and blinding countermeasures for lattice signatures
2017
Journal of Cryptographic Engineering
We describe new arithmetic coding techniques and side-channel blinding countermeasures for lattice-based cryptography. ...
Arithmetic Coding offers an information theoretically optimal compression for stationary and memoryless sources, such as the discrete Gaussian distributions often present in lattice-based cryptography. ...
Cryptographically secure sampling is required by many Lattice-based cryptographic algorithms; see [9] for an overview. ...
doi:10.1007/s13389-017-0149-6
fatcat:3kksn6fy7ngcthlrlusgooubvi
Practical Signatures from the Partial Fourier Recovery Problem
[chapter]
2014
Lecture Notes in Computer Science
Although the scheme is not supported by a formal security reduction, we present extensive arguments for its security and derive concrete parameters based on the performance of state of the art lattice ...
We present PASSSign, a variant of the prior PASS and PASS-2 proposals, as a candidate for a practical post-quantum signature scheme. ...
Full decoupling of secret keys from transcripts was a difficult barrier for the construction of secure lattice based signature schemes, and more so for the construction of efficient schemes. ...
doi:10.1007/978-3-319-07536-5_28
fatcat:ubnquz6qcbd27ffc6pc44alxyi
Post-quantum Key Exchange for the Internet and the Open Quantum Safe Project
[chapter]
2017
Lecture Notes in Computer Science
We review two protocols for quantum-resistant key exchange based on lattice problems: BCNS15, based on the ring learning with errors problem, and Frodo, based on the learning with errors problem. ...
We discuss their security and performance characteristics, both on their own and in the context of the Transport Layer Security (TLS) protocol. ...
Acknowledgements Research on LWE and ring-LWE based key exchange discussed in this paper includes joint work with Joppe W. ...
doi:10.1007/978-3-319-69453-5_2
fatcat:lhen3goh6rb4nft6ui6p4gjuoa
Revisiting and Evaluating Software Side-channel Vulnerabilities and Countermeasures in Cryptographic Applications
[article]
2019
arXiv
pre-print
Based on these characterizations and evaluations, we offer some insights for side-channel researchers, cryptographic software developers and users. ...
We then evaluate popular libraries and applications, quantitatively measuring and comparing the vulnerability severity, response time and coverage. ...
Different types of post-quantum algorithms were designed for public key infrastructure, e.g., hash-based, lattice-based and multivariate cryptography. ...
arXiv:1911.09312v2
fatcat:o4am4aurlfajjkj7nuz3kbso6y
Efficient Identity-Based Encryption over NTRU Lattices
[chapter]
2014
Lecture Notes in Computer Science
In this work, we show that using a particular distribution over NTRU lattices can make GPV-based schemes suitable for practice. ...
The main reason for this limitation is that at the core of many advanced lattice primitives is a trapdoor sampling algorithm (Gentry, Peikert, Vaikuntanathan, STOC 2008) that produced outputs that were ...
Acknowledgments The authors wish to thank David Xiao and Aurore Guillevic for helpful conversations, as well as the anonymous Asiacrypt'14 reviewers. ...
doi:10.1007/978-3-662-45608-8_2
fatcat:rlfi7asddng2pho3o4s6le4azi
Post-Quantum Cryptography: Challenges and Opportunities for Robust and Secure HW Design
2021
2021 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT)
In this paper, we introduce the fundamentals of PQC, with a focus on lattice-based cryptography and its hardware security issues, namely side-channel and fault-based attacks. ...
The definition of the PQC standards is an ongoing process proceeding at a fast pace, involving new and largely unexplored cryptographic primitives. ...
Timing side channels have also been used to attack efficient implementations of discrete Gaussian samplers based on lookup tables. ...
doi:10.1109/dft52944.2021.9568301
fatcat:n5dg4bfffvhh7msczlqcel7wiq
Parameterized Hardware Accelerators for Lattice-Based Cryptography and Their Application to the HW/SW Co-Design of qTESLA
2020
Transactions on Cryptographic Hardware and Embedded Systems
Gaussian sampler, and a pipelined NTT-based polynomial multiplier, among others. ...
Unlike much of prior work, the accelerators are fully open-sourced, are designed to be constant-time, and can be parameterized at compile-time to support different parameters without the need for re-writing ...
Acknowledgments We would like to thank the reviewers and the shepherd for their useful feedback. Nina Bindel was supported by the NSERC Discovery Accelerator Supplement grant RGPIN-2016-05146. ...
doi:10.13154/tches.v2020.i3.269-306
dblp:journals/tches/WangTJBLS20
fatcat:ztxzwdv3jvenfa7p7mhkxolyye