Random Sampling for Short Lattice Vectors on Graphics Cards
|
|
|
- Scott Beasley
- 6 years ago
- Views:
Transcription
1 Random Sampling for Short Lattice Vectors on Graphics Cards Michael Schneider, Norman Göttert TU Darmstadt, Germany CHES 2011, Nara September 2011 Michael Schneider 1
2 Introduction Simple Sampling Reduction (SSR) GPU-SSR Results Conclusion September 2011 Michael Schneider 2
3 Lattice-Based Cryptography Based on the approximate shortest vector problem (asvp) September 2011 Michael Schneider 3
4 Special Compute Hardware Multicore-CPUs Graphics cards Compute clouds September 2011 Michael Schneider 4
5 Goal Assessing hardness of asvp using special hardware September 2011 Michael Schneider 5
6 Lattices b 2 b 1 Basis matrix B = {b 1,..., b n } with b i R d Lattice: L(B) = { n i=1 x ib i, x i Z} September 2011 Michael Schneider 6
7 Lattices b 2 b 1 Basis matrix B = {b 1,..., b n } with b i R d Lattice: L(B) = { n i=1 x ib i, x i Z} September 2011 Michael Schneider 6
8 approx. Shortest Vector Problem (asvp) b 2 b 1 September 2011 Michael Schneider 7
9 approx. Shortest Vector Problem (asvp) b 2 b 1 September 2011 Michael Schneider 7
10 approx. Shortest Vector Problem (asvp) b 2 b 1 September 2011 Michael Schneider 7
11 approx. Shortest Vector Problem (asvp) b 2 b 1 Algorithms for asvp BKZ [SE94] SSR [Lud05] September 2011 Michael Schneider 7
12 Introduction Simple Sampling Reduction (SSR) GPU-SSR Results Conclusion September 2011 Michael Schneider 8
13 SSR September 2011 Michael Schneider 9
14 SSR September 2011 Michael Schneider 9
15 SSR September 2011 Michael Schneider 9
16 SSR September 2011 Michael Schneider 9
17 Gram-Schmidt Orthogonalization b 2 b 1 = b 1
18 Gram-Schmidt Orthogonalization b 2 b 2 b 1 = b 1
19 Gram-Schmidt Orthogonalization b 2 b 2 b 1 + b 2 = ν 1 b 1 + ν 2b 2 b 1 = b 1 September 2011 Michael Schneider 10
20 Random Sampling v L, ν i R v = ν 1 b 1 + ν 2 b ν n 1 b n 1 + ν n b n September 2011 Michael Schneider 11
21 Random Sampling v L, ν i R v = ν 1 b 1 + ν 2 b ν n 1 b n 1 + ν n b n v 2 = ν1 2 b ν2 2 b νn 1 2 b 2 n 1 + νn 2 b n 2 September 2011 Michael Schneider 11
22 Random Sampling v L, ν i R v = ν 1 b 1 + ν 2 b ν n 1 b n 1 + ν n b n v 2 = ν1 2 b ν2 2 b νn 1 2 b 2 n 1 + νn 2 b n 2 after LLL / BKZ - reduction: b 1 b 2... b n September 2011 Michael Schneider 11
23 Random Sampling v L, ν i R v = ν 1 b 1 + ν 2 b ν n 1 b n 1 + ν n b n v 2 = ν1 2 b ν2 2 b νn 1 2 b 2 n 1 + νn 2 b n 2 after LLL / BKZ - reduction: b 1 b 2... b n S u,b is the set of all vectors v = n i=1 ν ib i satisfying { 0.5 for 1 i < n u ν i 1 for n u i n September 2011 Michael Schneider 11
24 Random Sampling v L, ν i R v = ν 1 b 1 + ν 2 b ν n 1 b n 1 + ν n b n v 2 = ν1 2 b ν2 2 b νn 1 2 b 2 n 1 + νn 2 b n 2 after LLL / BKZ - reduction: b 1 b 2... b n S u,b is the set of all vectors v = n i=1 ν ib i satisfying { 0.5 for 1 i < n u ν i 1 for n u i n September 2011 Michael Schneider 11
25 Function SAMPLE Sampling Algorithm SAMPLE [Lud05] uses bits of a random seed allows for more control seed {1, 2,..., i}, i = 2 umax generate (random) vectors in S u,b September 2011 Michael Schneider 12
26 Function SAMPLE Sampling Algorithm SAMPLE [Lud05] uses bits of a random seed allows for more control seed {1, 2,..., i}, i = 2 umax generate (random) vectors in S u,b SIMD September 2011 Michael Schneider 12
27 Function SAMPLE September 2011 Michael Schneider 13
28 Introduction Simple Sampling Reduction (SSR) GPU-SSR Results Conclusion September 2011 Michael Schneider 14
29 Parallel SSR September 2011 Michael Schneider 15
30 GPU-SSR Slide 19 September 2011 Michael Schneider 16
31 Introduction Simple Sampling Reduction (SSR) GPU-SSR Results Conclusion September 2011 Michael Schneider 17
32 Sampling Rate n = 180 sampling rate CPU: sampling rate GPU: 160 samples/s 120,000 samples/s September 2011 Michael Schneider 18
33 Experiments Setting: goalnorm: stop if b n det(l) 1/n 10 random lattices each dimension LLL pre-reduction ( BKZ-20) September 2011 Michael Schneider 19
34 Experiments Setting: goalnorm: stop if b n det(l) 1/n 10 random lattices each dimension LLL pre-reduction ( BKZ-20) Improvements: prepend multiple vectors v i parallel norm computations September 2011 Michael Schneider 19
35 Experiments Setting: goalnorm: stop if b n det(l) 1/n 10 random lattices each dimension LLL pre-reduction ( BKZ-20) Improvements: prepend multiple vectors v i parallel norm computations CPU Intel Core Duo E8400 (3GHz) GPU NVIDIA GTX 295 Slide 16 September 2011 Michael Schneider 19
36 Results - Norm CPU-SSR reached norm CUDA-SSR reached norm Goalnorm Dimension n Figure: Reached norm September 2011 Michael Schneider 20
37 Results - Time 1e+06 CPU-SSR time CUDA-SSR time Dimension n Figure: Runtime [s] September 2011 Michael Schneider 21
38 Results - Speedup Speedup GPU vs. CPU Dimension n Figure: Runtime Speedup September 2011 Michael Schneider 22
39 Introduction Simple Sampling Reduction (SSR) GPU-SSR Results Conclusion September 2011 Michael Schneider 23
40 Conclusion Speedup GPU-SSR up to 160 times faster than CPU-SSR September 2011 Michael Schneider 24
41 Conclusion Speedup GPU-SSR up to 160 times faster than CPU-SSR Implementation CPU and GPU version of SSR online: September 2011 Michael Schneider 24
42 Conclusion Speedup GPU-SSR up to 160 times faster than CPU-SSR Implementation CPU and GPU version of SSR online: Future Work Better search spaces CPU / GPU clusters decrease LLL / BKZ time (LLL: 67% in dimension 100) to 50%?!? September 2011 Michael Schneider 24
43 Finally... Thank you! September 2011 Michael Schneider 25
44 Bibliography I Christoph Ludwig. Practical Lattice Basis Sampling Reduction. PhD thesis, Technische Universität Darmstadt, Claus-Peter Schnorr and M. Euchner. Lattice basis reduction: Improved practical algorithms and solving subset sum problems. Mathematical Programming, 66: , September 2011 Michael Schneider 26
Shortest Lattice Vector Enumeration on Graphics Cards
Shortest Lattice Vector Enumeration on Graphics Cards Jens Hermans 1 Michael Schneider 2 Fréderik Vercauteren 1 Johannes Buchmann 2 Bart Preneel 1 1 K.U.Leuven 2 TU Darmstadt SHARCS - 10 September 2009
Creating a Challenge for Ideal Lattices
Creating a Challenge for Ideal Lattices Thomas Plantard 1 and Michael Schneider 2 1 University of Wollongong, Australia thomaspl@uow.edu.au 2 Technische Universität Darmstadt, Germany mischnei@cdc.informatik.tu-darmstadt.de
Analyzing Blockwise Lattice Algorithms using Dynamical Systems
Analyzing Blockwise Lattice Algorithms using Dynamical Systems Guillaume Hanrot, Xavier Pujol, Damien Stehlé ENS Lyon, LIP (CNRS ENSL INRIA UCBL - ULyon) Analyzing Blockwise Lattice Algorithms using Dynamical
Gauss Sieve on GPUs. Shang-Yi Yang 1, Po-Chun Kuo 1, Bo-Yin Yang 2, and Chen-Mou Cheng 1
Gauss Sieve on GPUs Shang-Yi Yang 1, Po-Chun Kuo 1, Bo-Yin Yang 2, and Chen-Mou Cheng 1 1 Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan {ilway25,kbj,doug}@crypto.tw 2
DIMACS Workshop on Parallelism: A 2020 Vision Lattice Basis Reduction and Multi-Core
DIMACS Workshop on Parallelism: A 2020 Vision Lattice Basis Reduction and Multi-Core Werner Backes and Susanne Wetzel Stevens Institute of Technology 29th March 2011 Work supported through NSF Grant DUE
Introduction to numerical computations on the GPU
Introduction to numerical computations on the GPU Lucian Covaci http://lucian.covaci.org/cuda.pdf Tuesday 1 November 11 1 2 Outline: NVIDIA Tesla and Geforce video cards: architecture CUDA - C: programming
A Fast Phase-Based Enumeration Algorithm for SVP Challenge through y-sparse Representations of Short Lattice Vectors
A Fast Phase-Based Enumeration Algorithm for SVP Challenge through y-sparse Representations of Short Lattice Vectors Dan Ding 1, Guizhen Zhu 2, Yang Yu 1, Zhongxiang Zheng 1 1 Department of Computer Science
Orthogonalized Lattice Enumeration for Solving SVP
Orthogonalized Lattice Enumeration for Solving SVP Zhongxiang Zheng 1, Xiaoyun Wang 2, Guangwu Xu 3, Yang Yu 1 1 Department of Computer Science and Technology,Tsinghua University, Beijing 100084, China,
arxiv: v1 [hep-lat] 7 Oct 2010
![arxiv: v1 [hep-lat] 7 Oct 2010](/thumbs/79/80346009.jpg "arxiv: v1 [hep-lat] 7 Oct 2010")
arxiv:.486v [hep-lat] 7 Oct 2 Nuno Cardoso CFTP, Instituto Superior Técnico E-mail: nunocardoso@cftp.ist.utl.pt Pedro Bicudo CFTP, Instituto Superior Técnico E-mail: bicudo@ist.utl.pt We discuss the CUDA
CRYPTOGRAPHIC COMPUTING
CRYPTOGRAPHIC COMPUTING ON GPU Chen Mou Cheng Dept. Electrical Engineering g National Taiwan University January 16, 2009 COLLABORATORS Daniel Bernstein, UIC, USA Tien Ren Chen, Army Tanja Lange, TU Eindhoven,
Hybrid CPU/GPU Acceleration of Detection of 2-SNP Epistatic Interactions in GWAS
Hybrid CPU/GPU Acceleration of Detection of 2-SNP Epistatic Interactions in GWAS Jorge González-Domínguez*, Bertil Schmidt*, Jan C. Kässens**, Lars Wienbrandt** *Parallel and Distributed Architectures
Lattice Reduction of Modular, Convolution, and NTRU Lattices
Summer School on Computational Number Theory and Applications to Cryptography Laramie, Wyoming, June 19 July 7, 2006 Lattice Reduction of Modular, Convolution, and NTRU Lattices Project suggested by Joe
A model leading to self-consistent iteration computation with need for HP LA (e.g, diagonalization and orthogonalization)
A model leading to self-consistent iteration computation with need for HP LA (e.g, diagonalization and orthogonalization) Schodinger equation: Hψ = Eψ Choose a basis set of wave functions Two cases: Orthonormal
Using a CUDA-Accelerated PGAS Model on a GPU Cluster for Bioinformatics
Using a CUDA-Accelerated PGAS Model on a GPU Cluster for Bioinformatics Jorge González-Domínguez Parallel and Distributed Architectures Group Johannes Gutenberg University of Mainz, Germany j.gonzalez@uni-mainz.de
Adaptive Heterogeneous Computing with OpenCL: Harnessing hundreds of GPUs and CPUs
Adaptive Heterogeneous Computing with OpenCL: Harnessing hundreds of GPUs and CPUs Simon McIntosh-Smith simonm@cs.bris.ac.uk Head of Microelectronics Research University of Bristol, UK 1 ! Collaborators
1 Shortest Vector Problem
Lattices in Cryptography University of Michigan, Fall 25 Lecture 2 SVP, Gram-Schmidt, LLL Instructor: Chris Peikert Scribe: Hank Carter Shortest Vector Problem Last time we defined the minimum distance
Parallel programming practices for the solution of Sparse Linear Systems (motivated by computational physics and graphics)
Parallel programming practices for the solution of Sparse Linear Systems (motivated by computational physics and graphics) Eftychios Sifakis CS758 Guest Lecture - 19 Sept 2012 Introduction Linear systems
Sieving for Shortest Vectors in Ideal Lattices:
Sieving for Shortest Vectors in Ideal Lattices: a Practical Perspective Joppe W. Bos Microsoft Research LACAL@RISC Seminar on Cryptologic Algorithms CWI, Amsterdam, Netherlands Joint work with Michael
ECM at Work. Joppe W. Bos 1 and Thorsten Kleinjung 2. 1 Microsoft Research, Redmond, USA
ECM at Work Joppe W. Bos 1 and Thorsten Kleinjung 2 1 Microsoft Research, Redmond, USA 2 Laboratory for Cryptologic Algorithms, EPFL, Lausanne, Switzerland 1 / 18 Security assessment of public-key cryptography
COMPARISON OF CPU AND GPU IMPLEMENTATIONS OF THE LATTICE BOLTZMANN METHOD
XVIII International Conference on Water Resources CMWR 2010 J. Carrera (Ed) c CIMNE, Barcelona, 2010 COMPARISON OF CPU AND GPU IMPLEMENTATIONS OF THE LATTICE BOLTZMANN METHOD James.E. McClure, Jan F. Prins
Looking back at lattice-based cryptanalysis
September 2009 Lattices A lattice is a discrete subgroup of R n Equivalently, set of integral linear combinations: α 1 b1 + + α n bm with m n Lattice reduction Lattice reduction looks for a good basis
GPU Accelerated Markov Decision Processes in Crowd Simulation
GPU Accelerated Markov Decision Processes in Crowd Simulation Sergio Ruiz Computer Science Department Tecnológico de Monterrey, CCM Mexico City, México sergio.ruiz.loza@itesm.mx Benjamín Hernández National
Lattice Basis Reduction in Infinity Norm
Technische Universität Darmstadt Department of Computer Science Cryptography and Computeralgebra Bachelor Thesis Lattice Basis Reduction in Infinity Norm Vanya Sashova Ivanova Technische Universität Darmstadt
A Massively Parallel Eigenvalue Solver for Small Matrices on Multicore and Manycore Architectures
A Massively Parallel Eigenvalue Solver for Small Matrices on Multicore and Manycore Architectures Manfred Liebmann Technische Universität München Chair of Optimal Control Center for Mathematical Sciences,
Measuring, simulating and exploiting the head concavity phenomenon in BKZ
Measuring, simulating and exploiting the head concavity phenomenon in BKZ Shi Bai 1, Damien Stehlé 2, and Weiqiang Wen 2 1 Department of Mathematical Sciences, Florida Atlantic University. Boca Raton.
Lattices. A Lattice is a discrete subgroup of the additive group of n-dimensional space R n.
Lattices A Lattice is a discrete subgroup of the additive group of n-dimensional space R n. Lattices have many uses in cryptography. They may be used to define cryptosystems and to break other ciphers.
GPU acceleration of Newton s method for large systems of polynomial equations in double double and quad double arithmetic
GPU acceleration of Newton s method for large systems of polynomial equations in double double and quad double arithmetic Jan Verschelde joint work with Xiangcheng Yu University of Illinois at Chicago
Accelerating linear algebra computations with hybrid GPU-multicore systems.
Accelerating linear algebra computations with hybrid GPU-multicore systems. Marc Baboulin INRIA/Université Paris-Sud joint work with Jack Dongarra (University of Tennessee and Oak Ridge National Laboratory)
Klaus Schulten Department of Physics and Theoretical and Computational Biophysics Group University of Illinois at Urbana-Champaign
Klaus Schulten Department of Physics and Theoretical and Computational Biophysics Group University of Illinois at Urbana-Champaign GTC, San Jose Convention Center, CA Sept. 20 23, 2010 GPU and the Computational
The Shortest Vector Problem (Lattice Reduction Algorithms)
The Shortest Vector Problem (Lattice Reduction Algorithms) Approximation Algorithms by V. Vazirani, Chapter 27 - Problem statement, general discussion - Lattices: brief introduction - The Gauss algorithm
Universität Dortmund UCHPC. Performance. Computing for Finite Element Simulations
technische universität dortmund Universität Dortmund fakultät für mathematik LS III (IAM) UCHPC UnConventional High Performance Computing for Finite Element Simulations S. Turek, Chr. Becker, S. Buijssen,
Block AIR Methods. For Multicore and GPU. Per Christian Hansen Hans Henrik B. Sørensen. Technical University of Denmark
Block AIR Methods For Multicore and GPU Per Christian Hansen Hans Henrik B. Sørensen Technical University of Denmark Model Problem and Notation Parallel-beam 3D tomography exact solution exact data noise
Practical, Predictable Lattice Basis Reduction
Practical, Predictable Lattice Basis Reduction Daniele Micciancio and Michael Walter University of California, San Diego {miwalter,daniele}@eng.ucsd.edu Abstract. Lattice reduction algorithms are notoriously
Direct Self-Consistent Field Computations on GPU Clusters
Direct Self-Consistent Field Computations on GPU Clusters Guochun Shi, Volodymyr Kindratenko National Center for Supercomputing Applications University of Illinois at UrbanaChampaign Ivan Ufimtsev, Todd
Performance of Random Sampling for Computing Low-rank Approximations of a Dense Matrix on GPUs
Performance of Random Sampling for Computing Low-rank Approximations of a Dense Matrix on GPUs Théo Mary, Ichitaro Yamazaki, Jakub Kurzak, Piotr Luszczek, Stanimire Tomov, Jack Dongarra presenter 1 Low-Rank
Scalable and Power-Efficient Data Mining Kernels
Scalable and Power-Efficient Data Mining Kernels Alok Choudhary, John G. Searle Professor Dept. of Electrical Engineering and Computer Science and Professor, Kellogg School of Management Director of the
Welcome to MCS 572. content and organization expectations of the course. definition and classification
Welcome to MCS 572 1 About the Course content and organization expectations of the course 2 Supercomputing definition and classification 3 Measuring Performance speedup and efficiency Amdahl s Law Gustafson
Estimation of the Success Probability of Random Sampling by the Gram-Charlier Approximation
Estimation of the Success Probability of Random Sampling by the Gram-Charlier Approximation Yoshitatsu Matsuda 1, Tadanori Teruya, and Kenji Kashiwabara 1 1 Department of General Systems Studies, Graduate
BALANCED INTEGER SOLUTIONS OF LINEAR EQUATIONS
BALANCED INTEGER SOLUTIONS OF LINEAR EQUATIONS KONSTANTINOS A. DRAZIOTIS Abstract. We use lattice based methods in order to get an integer solution of the linear equation a x + +a nx n = a 0, which satisfies
More Science per Joule: Bottleneck Computing
More Science per Joule: Bottleneck Computing Georg Hager Erlangen Regional Computing Center (RRZE) University of Erlangen-Nuremberg Germany PPAM 2013 September 9, 2013 Warsaw, Poland Motivation (1): Scalability
BKZ 2.0: Better Lattice Security Estimates
BKZ 2.0: Better Lattice Security Estimates Yuanmi Chen and Phong Q. Nguyen 1 ENS, Dept. Informatique, 45 rue d Ulm, 75005 Paris, France. http://www.eleves.ens.fr/home/ychen/ 2 INRIA and ENS, Dept. Informatique,
The Lattice Boltzmann Method for Laminar and Turbulent Channel Flows
The Lattice Boltzmann Method for Laminar and Turbulent Channel Flows Vanja Zecevic, Michael Kirkpatrick and Steven Armfield Department of Aerospace Mechanical & Mechatronic Engineering The University of
FINDING PARALLELISM IN GENERAL-PURPOSE LINEAR PROGRAMMING
FINDING PARALLELISM IN GENERAL-PURPOSE LINEAR PROGRAMMING Daniel Thuerck 1,2 (advisors Michael Goesele 1,2 and Marc Pfetsch 1 ) Maxim Naumov 3 1 Graduate School of Computational Engineering, TU Darmstadt
A Hybrid Method for Lattice Basis Reduction and. Applications
A Hybrid Method for Lattice Basis Reduction and Applications A HYBRID METHOD FOR LATTICE BASIS REDUCTION AND APPLICATIONS BY ZHAOFEI TIAN, M.Sc. A THESIS SUBMITTED TO THE DEPARTMENT OF COMPUTING AND SOFTWARE
GPU Acceleration of Cutoff Pair Potentials for Molecular Modeling Applications
GPU Acceleration of Cutoff Pair Potentials for Molecular Modeling Applications Christopher Rodrigues, David J. Hardy, John E. Stone, Klaus Schulten, Wen-Mei W. Hwu University of Illinois at Urbana-Champaign
Tips Geared Towards R. Adam J. Suarez. Arpil 10, 2015
Tips Geared Towards R Departments of Statistics North Carolina State University Arpil 10, 2015 1 / 30 Advantages of R As an interpretive and interactive language, developing an algorithm in R can be done
The complexity of factoring univariate polynomials over the rationals
The complexity of factoring univariate polynomials over the rationals Mark van Hoeij Florida State University ISSAC 2013 June 26, 2013 Papers [Zassenhaus 1969]. Usually fast, but can be exp-time. [LLL
GPU accelerated Monte Carlo simulations of lattice spin models
Available online at www.sciencedirect.com Physics Procedia 15 (2011) 92 96 GPU accelerated Monte Carlo simulations of lattice spin models M. Weigel, T. Yavors kii Institut für Physik, Johannes Gutenberg-Universität
Lattice simulation of tight-binding theory of graphene with partially screened Coulomb interactions
Lattice simulation of tight-binding theory of graphene with partially screened Coulomb interactions Dominik Smith Lorenz von Smekal smith@theorie.ikp.physik.tu-darmstadt.de 1. August 2013 IKP TUD / SFB
Sieving for Shortest Vectors in Ideal Lattices: a Practical Perspective
Sieving for Shortest Vectors in Ideal Lattices: a Practical Perspective Joppe W. Bos 1, Michael Naehrig 2, and Joop van de Pol 3 1 NXP Semiconductors, Leuven, Belgium joppe.bos@nxp.com 2 Microsoft Research,
arxiv: v1 [physics.comp-ph] 30 Oct 2017
![arxiv: v1 [physics.comp-ph] 30 Oct 2017](/thumbs/94/122256935.jpg "arxiv: v1 [physics.comp-ph] 30 Oct 2017")
An efficient GPU algorithm for tetrahedron-based Brillouin-zone integration Daniel Guterding 1, and Harald O. Jeschke 1 Lucht Probst Associates, Große Gallusstraße 9, 011 Frankfurt am Main, Germany, European
Attacking and defending the McEliece cryptosystem
Attacking and defending the McEliece cryptosystem (Joint work with Daniel J. Bernstein and Tanja Lange) Christiane Peters Technische Universiteit Eindhoven PQCrypto 2nd Workshop on Postquantum Cryptography
Réduction de réseau et cryptologie.
Réduction de réseau et cryptologie Séminaire CCA Nicolas Gama Ensicaen 8 janvier 2010 Nicolas Gama (Ensicaen) Réduction de réseau et cryptologie 8 janvier 2010 1 / 54 Outline 1 Example of lattice problems
Reduction of Smith Normal Form Transformation Matrices
Reduction of Smith Normal Form Transformation Matrices G. Jäger, Kiel Abstract Smith normal form computations are important in group theory, module theory and number theory. We consider the transformation
GPU Acceleration of Weather Forecasting and Meteorological Satellite Data Assimilation, Processing and Applications http://www.tempoquest.com Allen Huang, Ph.D. allen@tempoquest.com CTO, Tempo Quest Inc.
Multivariate density estimation and its applications
Multivariate density estimation and its applications Wing Hung Wong Stanford University June 2014, Madison, Wisconsin. Conference in honor of the 80 th birthday of Professor Grace Wahba Lessons I learned
A new lattice construction for partial key exposure attack for RSA
A new lattice construction for partial key exposure attack for RSA Yoshinori Aono Dept. of Mathematical and Computing Sciences Tokyo Institute of Technology, Tokyo, Japan aono5@is.titech.ac.jp Abstract.
CSE 206A: Lattice Algorithms and Applications Spring Basis Reduction. Instructor: Daniele Micciancio
CSE 206A: Lattice Algorithms and Applications Spring 2014 Basis Reduction Instructor: Daniele Micciancio UCSD CSE No efficient algorithm is known to find the shortest vector in a lattice (in arbitrary
Acceleration of WRF on the GPU
Acceleration of WRF on the GPU Daniel Abdi, Sam Elliott, Iman Gohari Don Berchoff, Gene Pache, John Manobianco TempoQuest 1434 Spruce Street Boulder, CO 80302 720 726 9032 TempoQuest.com THE WORLD S FASTEST
Practical, Predictable Lattice Basis Reduction
Practical, Predictable Lattice Basis Reduction Daniele Micciancio UCSD daniele@eng.ucsd.edu Michael Walter UCSD miwalter@eng.ucsd.edu Abstract Lattice reduction algorithms are notoriously hard to predict,
Note on shortest and nearest lattice vectors
Note on shortest and nearest lattice vectors Martin Henk Fachbereich Mathematik, Sekr. 6-1 Technische Universität Berlin Straße des 17. Juni 136 D-10623 Berlin Germany henk@math.tu-berlin.de We show that
New Practical Algorithms for the Approximate Shortest Lattice Vector
New Practical Algorithms for the Approximate Shortest Lattice Vector Claus Peter Schnorr Fachbereiche Mathemati/Informati, Universität Franfurt, PSF 493, D-60054 Franfurt am Main, Germany. schnorr@cs.uni-franfurt.de
Predicting Lattice Reduction
Predicting Lattice Reduction Nicolas Gama and Phong Q. Nguyen École normale supérieure/cnrs/inria, 45 rue d Ulm, 75005 Paris, France nicolas.gama@ens.fr http://www.di.ens.fr/~pnguyen Abstract. Despite
Proxy Re-Encryption in a Stronger Security Model Extended from CT-RSA2012
Proxy Re-Encryption in a Stronger Security Model Extended from CT-RSA2012 Manh Ha Nguyen Tokyo Institute of Technology Toshiyuki Isshiki 1,2 and Keisuke Tanaka 2 1 NEC Corporation 2 Tokyo Institute of
Algorithmic Geometry of Numbers: LLL and BKZ
Algorithmic Geometry of Numbers: LLL and BKZ Léo Ducas CWI, Amsterdam, The Netherlands HEAT Summer-School on FHE and MLM Léo Ducas (CWI, Amsterdam) LLL and BKZ HEAT, October 2015 1 / 28 A gift from Johannes
Mayer Sampling Monte Carlo Calculation of Virial. Coefficients on Graphics Processors
Mayer Sampling Monte Carlo Calculation of Virial Coefficients on Graphics Processors Andrew J. Schultz, Vipin Chaudhary, David A. Kofke,, and Nathaniel S. Barlow Department of Chemical and Biological Engineering,
S0214 : GPU Based Stacking Sequence Generation For Composite Skins Using GA
S0214 : GPU Based Stacking Sequence Generation For Composite Skins Using GA Date: 16th May 2012 Wed, 3pm to 3.25pm(Adv. Session) Sathyanarayana K., Manish Banga, and Ravi Kumar G. V. V. Engineering Services,
Lattice-Based Cryptography: Mathematical and Computational Background. Chris Peikert Georgia Institute of Technology.
Lattice-Based Cryptography: Mathematical and Computational Background Chris Peikert Georgia Institute of Technology crypt@b-it 2013 1 / 18 Lattice-Based Cryptography y = g x mod p m e mod N e(g a, g b
Graphics Card Computing for Materials Modelling
Graphics Card Computing for Materials Modelling Case study: Analytic Bond Order Potentials B. Seiser, T. Hammerschmidt, R. Drautz, D. Pettifor Funded by EPSRC within the collaborative multi-scale project
The Simple 7-(33,8,10)-Designs with Automorphism Group PΓL(2,32)
The Simple 7-(33,8,10)-Designs with Automorphism Group PΓL(2,32) Alfred Wassermann Abstract Lattice basis reduction in combination with an efficient backtracking algorithm is used to find all (4 996 426)
Implementation of float float operators on graphic hardware
Implementation of float float operators on graphic hardware Guillaume Da Graça David Defour DALI, Université de Perpignan Outline Why GPU? Floating point arithmetic on GPU Float float format Problem &
Open-Source Parallel FE Software : FrontISTR -- Performance Considerations about B/F (Byte per Flop) of SpMV on K-Supercomputer and GPU-Clusters --
Parallel Processing for Energy Efficiency October 3, 2013 NTNU, Trondheim, Norway Open-Source Parallel FE Software : FrontISTR -- Performance Considerations about B/F (Byte per Flop) of SpMV on K-Supercomputer
An Efficient Lattice-based Secret Sharing Construction
An Efficient Lattice-based Secret Sharing Construction Rachid El Bansarkhani 1 and Mohammed Meziani 2 1 Technische Universität Darmstadt Fachbereich Informatik Kryptographie und Computeralgebra, Hochschulstraße
COS 598D - Lattices. scribe: Srdjan Krstic
COS 598D - Lattices scribe: Srdjan Krstic Introduction In the first part we will give a brief introduction to lattices and their relevance in some topics in computer science. Then we show some specific
Accelerating Proton Computed Tomography with GPUs
Accelerating Proton Computed Tomography with GPUs Thomas'D.'Uram,'Argonne'Leadership'Compu2ng'Facility' Michael'E.'Papka,'Argonne'Leadership'Compu2ng'Facility,'Northern'Illinois'University' Nicholas'T.'Karonis,'Northern'Illinois'University,'Argonne'Na2onal'Laboratory
Predicting Lattice Reduction
Predicting Lattice Reduction Nicolas Gama and Phong Q. Nguyen École normale supérieure/cnrs/inria, 45 rue d Ulm, 75005 Paris, France nicolas.gama@ens.fr http://www.di.ens.fr/~pnguyen Abstract. Despite
Dynamic Scheduling for Work Agglomeration on Heterogeneous Clusters
Dynamic Scheduling for Work Agglomeration on Heterogeneous Clusters Jonathan Lifflander, G. Carl Evans, Anshu Arya, Laxmikant Kale University of Illinois Urbana-Champaign May 25, 2012 Work is overdecomposed
Density of Ideal Lattices
Density of Ideal Lattices - Preliminary Draft - Johannes Buchmann and Richard Lindner Technische Universität Darmstadt, Department of Computer Science Hochschulstraße 10, 64289 Darmstadt, Germany buchmann,rlindner@cdc.informatik.tu-darmstadt.de
Parallel stochastic simulation using graphics processing units for the Systems Biology Toolbox for MATLAB
Parallel stochastic simulation using graphics processing units for the Systems Biology Toolbox for MATLAB Supplemental material Guido Klingbeil, Radek Erban, Mike Giles, and Philip K. Maini This document
Population annealing study of the frustrated Ising antiferromagnet on the stacked triangular lattice
Population annealing study of the frustrated Ising antiferromagnet on the stacked triangular lattice Michal Borovský Department of Theoretical Physics and Astrophysics, University of P. J. Šafárik in Košice,
Efficient Molecular Dynamics on Heterogeneous Architectures in GROMACS
Efficient Molecular Dynamics on Heterogeneous Architectures in GROMACS Berk Hess, Szilárd Páll KTH Royal Institute of Technology GTC 2012 GROMACS: fast, scalable, free Classical molecular dynamics package
CSE 206A: Lattice Algorithms and Applications Spring Basic Algorithms. Instructor: Daniele Micciancio
CSE 206A: Lattice Algorithms and Applications Spring 2014 Basic Algorithms Instructor: Daniele Micciancio UCSD CSE We have already seen an algorithm to compute the Gram-Schmidt orthogonalization of a lattice
Jacobi-Based Eigenvalue Solver on GPU. Lung-Sheng Chien, NVIDIA
Jacobi-Based Eigenvalue Solver on GPU Lung-Sheng Chien, NVIDIA lchien@nvidia.com Outline Symmetric eigenvalue solver Experiment Applications Conclusions Symmetric eigenvalue solver The standard form is
GPU Computing Activities in KISTI
International Advanced Research Workshop on High Performance Computing, Grids and Clouds 2010 June 21~June 25 2010, Cetraro, Italy HPC Infrastructure and GPU Computing Activities in KISTI Hongsuk Yi hsyi@kisti.re.kr
Enumeration. Phong Nguyễn
Enumeration Phong Nguyễn http://www.di.ens.fr/~pnguyen March 2017 References Joint work with: Yoshinori Aono, published at EUROCRYPT 2017: «Random Sampling Revisited: Lattice Enumeration with Discrete
Attacks on LWE. Martin R. Albrecht Oxford Lattice School
Attacks on LWE Martin R. Albrecht Oxford Lattice School Outline BKZ Refresher LWE Dual Lattice Attack Primal Lattice Attack (usvp Version) BKZ Refresher BKZ Input basis is LLL reduced, the first block
A CUDA Solver for Helmholtz Equation
Journal of Computational Information Systems 11: 24 (2015) 7805 7812 Available at http://www.jofcis.com A CUDA Solver for Helmholtz Equation Mingming REN 1,2,, Xiaoguang LIU 1,2, Gang WANG 1,2 1 College
Parallelization of Molecular Dynamics (with focus on Gromacs) SeSE 2014 p.1/29
Parallelization of Molecular Dynamics (with focus on Gromacs) SeSE 2014 p.1/29 Outline A few words on MD applications and the GROMACS package The main work in an MD simulation Parallelization Stream computing
Practical Combustion Kinetics with CUDA
Funded by: U.S. Department of Energy Vehicle Technologies Program Program Manager: Gurpreet Singh & Leo Breton Practical Combustion Kinetics with CUDA GPU Technology Conference March 20, 2015 Russell Whitesides
Lattice-Based Cryptography
Liljana Babinkostova Department of Mathematics Computing Colloquium Series Detecting Sensor-hijack Attacks in Wearable Medical Systems Krishna Venkatasubramanian Worcester Polytechnic Institute Quantum
FPGA Implementation of a HOG-based Pedestrian Recognition System
MPC Workshop Karlsruhe 10/7/2009 FPGA Implementation of a HOG-based Pedestrian Recognition System Sebastian Bauer sebastian.bauer@fh-aschaffenburg.de Laboratory for Pattern Recognition and Computational
LLL lattice basis reduction algorithm
LLL lattice basis reduction algorithm Helfer Etienne 103010 Contents 1 Lattice 1 11 Introduction 1 1 Definition 13 Determinant 3 14 Shortest vector problem 5 Basis reduction 6 1 Introduction 6 Rank basis
ACCELERATED LEARNING OF GAUSSIAN PROCESS MODELS
ACCELERATED LEARNING OF GAUSSIAN PROCESS MODELS Bojan Musizza, Dejan Petelin, Juš Kocijan, Jožef Stefan Institute Jamova 39, Ljubljana, Slovenia University of Nova Gorica Vipavska 3, Nova Gorica, Slovenia
Multicore Parallelization of Determinant Quantum Monte Carlo Simulations
Multicore Parallelization of Determinant Quantum Monte Carlo Simulations Andrés Tomás, Che-Rung Lee, Zhaojun Bai, Richard Scalettar UC Davis SIAM Conference on Computation Science & Engineering Reno, March
Post-quantum key exchange for the Internet based on lattices
Post-quantum key exchange for the Internet based on lattices Craig Costello Talk at MSR India Bangalore, India December 21, 2016 Based on J. Bos, C. Costello, M. Naehrig, D. Stebila Post-Quantum Key Exchange
Adaptive Heterogeneous Computing with OpenCL: Harnessing hundreds of GPUs and CPUs
Adaptive Heterogeneous Computing with OpenCL: Harnessing hundreds of GPUs and CPUs Simon McIntosh-Smith simonm@cs.bris.ac.uk Head of Microelectronics Research University of Bristol, UK 1 ! A brief biography
Lab Report TEMF - TU Darmstadt
Institut für Theorie Elektromagnetischer Felder Lab Report TEMF - TU Darmstadt W. Ackermann, R. Hampel, M. Kunze T. Lau, W.F.O. Müller, S. Setzer, T. Weiland, I. Zagorodnov TESLA Collaboration Meeting
Lecture 5: CVP and Babai s Algorithm
NYU, Fall 2016 Lattices Mini Course Lecture 5: CVP and Babai s Algorithm Lecturer: Noah Stephens-Davidowitz 51 The Closest Vector Problem 511 Inhomogeneous linear equations Recall that, in our first lecture,
CSC 2414 Lattices in Computer Science September 27, Lecture 4. An Efficient Algorithm for Integer Programming in constant dimensions
CSC 2414 Lattices in Computer Science September 27, 2011 Lecture 4 Lecturer: Vinod Vaikuntanathan Scribe: Wesley George Topics covered this lecture: SV P CV P Approximating CVP: Babai s Nearest Plane Algorithm
Accelerating Linear Algebra on Heterogeneous Architectures of Multicore and GPUs using MAGMA and DPLASMA and StarPU Schedulers
UT College of Engineering Tutorial Accelerating Linear Algebra on Heterogeneous Architectures of Multicore and GPUs using MAGMA and DPLASMA and StarPU Schedulers Stan Tomov 1, George Bosilca 1, and Cédric