Efficient Hardware Architecture of SEED S-box for Smart Cards
JOURNAL OF SEMICONDUCTOR TECHNOLOGY AND SCIENCE, VOL. 4, NO. 4, DECEMBER 2004

Joon-Ho Hwang
SoC R&D Center, Samsung Electronics, Seoul, Korea, joonho.hwang@samsung.com
Manuscript received November 3, 2004; revised December 2004.

Abstract: This paper presents an efficient architecture that optimizes the design of the SEED S-box using composite field arithmetic. SEED is the Korean standard 128-bit block cipher algorithm developed by the Korea Information Security Agency. The nonlinear function S-box is the most costly operation in terms of size and power consumption, taking up more than 3% of the entire SEED circuit. Therefore the S-box design can become a crucial factor when implemented in systems where resources are limited, such as smart cards. In this paper we transform elements in GF(2^8) to the composite field GF((2^4)^2), where more efficient computations can be implemented, and transform the computed result back to GF(2^8). This technique reduces the S-box portion to 5%, and the entire SEED algorithm can be implemented at 7 gates using Samsung smart card CMOS technology.

Index Terms: SEED, S-box, symmetric encryption, block cipher, composite field, smart card.

I. INTRODUCTION

The SEED algorithm is a 128-bit symmetric key block cipher that was developed by the Korea Information Security Agency (KISA) and a group of experts in 1998 [1]. SEED is a national industrial association standard (TTAS KO) and is widely used to protect electronic transactions, financial services and electronic mail provided in Korea. SEED is a 16-round Feistel structure using a 128-bit message block and a 128-bit key for operation. SEED utilizes S-boxes and permutations for a high security level and is known to be strong against differential cryptanalysis and linear cryptanalysis until now. There are several factors to consider when implementing a block cipher such as SEED. There have been publications on improving its performance [6]; however, there has been no publication on how to implement it effectively on systems where resources are limited, such as smart cards.
In such systems it is important to keep the gate count as well as the power consumption to a minimum, since they have rigorous constraints on such factors. Another factor to consider is the vulnerability to side channel attacks. Smart cards have the characteristic that they can be easily probed, and side channel attacks such as Differential Power Analysis (DPA) [7] can be performed. Hence a countermeasure against these side channel attacks is another challenging factor to consider when implementing cryptographic modules. One of the advantages of using composite field arithmetic for S-box implementation is that random masking techniques can be designed for SEED [8] to prevent side channel attacks. However, cryptanalysis is not the main subject of this paper and hence will not be mentioned any further.

The idea of using composite field arithmetic for S-box designs was first applied to the AES (Advanced Encryption Standard) block cipher [2][3][4][5]. The main operation of the AES S-box is an inverse operation for elements in GF(2^8), whereas the main operation of the SEED S-box is a modular exponentiation for elements in GF(2^8). Also, the primitive polynomial used for the AES S-box is different from the primitive polynomial used for the SEED S-box. Therefore the composite field transformation for the AES S-box cannot be directly applied to the SEED S-box.

In the remainder of this paper we present an efficient architecture for implementing the SEED S-box using the composite field technique. The paper is organized as follows. In section 2 we give a brief introduction to the SEED block cipher algorithm. Section 3 describes our new architecture for the SEED S-box and section 4 gives some implementation results of our new architecture. Finally our conclusion is given in section 5.

II. DESCRIPTION OF SEED ALGORITHM

This section gives a brief description of the SEED block cipher algorithm. More detailed information can be obtained in [1].

1. Structure of SEED

SEED is a classical Feistel structure cipher with 16 rounds. Feistel structure ciphers have the common characteristic that an inverse function does not have to exist: the decryption process is exactly the same as the encryption process except that the round keys are arranged in reverse sequence. Therefore no distinction needs to be made between a SEED encryption circuit and a SEED decryption circuit. The 128-bit input is divided into two 64-bit blocks, and the right 64-bit block is an input to the round function F together with a 64-bit round key generated from the key scheduling. The structure of SEED is shown in Figure 1.

[Fig. 1. Feistel structure of SEED]

2. Round function F

The round function F divides the 64-bit input block into two 32-bit blocks C, D and goes through 4 phases: a mixing phase with two 32-bit round key blocks K0[i], K1[i], and 3 layers of G function with additions for mixing the two 32-bit blocks. The round function F is shown in Figure 2. The ⊕ denotes a bitwise exclusive OR operation and the boxed + denotes an addition modulo 2^32.

[Fig. 2. Structure of round function F]

3. G function

The G function has two layers: a layer of two S-boxes and a layer of block permutation of sixteen 6-bit sub-blocks.

[Fig. 3. Structure of G function]
The first layer of two S-boxes, S1 and S2, is generated from the following equations over GF(2^8) with a primitive polynomial:

[Equations (1) and (2): definitions of S1 and S2; the exponents and the primitive polynomial are illegible in this transcription]

4. Key scheduling

The description of the SEED key schedule will be omitted in this paper because our proposed architecture is independent of the structure of the SEED key schedule.

III. SEED S-BOX IN COMPOSITE FIELD

In general the modular exponentiation calculation in equations (1) and (2) is very complicated to implement, and hence is usually implemented as a lookup table or as SOP (Sum-of-Products) logic circuits generated by CAD tools. In this section we present an efficient way to implement equations (1) and (2), where GF(2^8) elements are transformed to composite field elements for computation.

1. Modification of S-box equations

Since the inputs and outputs of the S-box equations are all elements of GF(2^8), the following congruence is true:

[Equation (3): illegible in this transcription]

The following congruence can be derived from (3):

[Equation (4): illegible in this transcription]

Therefore S-box S1 can be simplified as follows:

[Equation (5): illegible in this transcription]

Equivalently, S-box S2 can be simplified as follows:

[Equation (6): illegible in this transcription]

As seen in equations (5) and (6), the S-box equations for SEED have been simplified to an inverse operation with additional squaring operations. However, squaring in GF(2^8) is merely a matrix transformation and can eventually be merged with the inverse isomorphic transformation and the affine transformation at the final stage, requiring no additional hardware resources. Therefore most of the S-box operation will be concentrated in the inverse calculation.

2. Isomorphic transformation

In order to optimize the inverse calculation we transform GF(2^8) elements to composite field GF((2^4)^2) elements defined by the following irreducible polynomials:

[Original field GF(2^8): polynomial illegible in this transcription]
[Composite field GF((2^4)^2): polynomials illegible in this transcription]

The isomorphic transformation of GF(2^8) to GF((2^4)^2) using the above irreducible polynomials can be given by the following matrix transformation δ:

[Matrix δ: illegible in this transcription]
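The two pieces of this section, the simplified S-box equations (an inverse plus squarings) and the isomorphism δ into GF((2^4)^2), can be exercised end to end in software. The following Python is an added example written for this page, not the paper's circuit or its matrices. It assumes the SEED field polynomial x^8 + x^6 + x^5 + x + 1 and the S-box exponents 247 and 251 as published in the SEED specification (neither value is legible in this copy), it chooses a generic composite field GF(2^4)[y]/(y^2 + y + λ) with GF(2^4) = GF(2)[x]/(x^4 + x + 1) and λ = 0xC in place of the paper's own polynomials, it derives δ by finding a root of the SEED polynomial in that composite field, and it then inverts in the composite field and folds the squarings into a single way-back matrix, which is the merging step the paper describes in the following subsections. The SEED affine layer is left out because its matrices are not on the page; the check compares the composite-field path against direct exponentiation for all 256 inputs.

```python
# Added example, not the paper's circuit: the SEED S-box exponentiation core evaluated
# through a composite field and checked against direct GF(2^8) arithmetic. Assumptions
# (none legible on the page): SEED_POLY and the exponents 247/251 come from the public
# SEED specification; GF(2^4) = GF(2)[x]/(x^4+x+1) and y^2 + y + LAMBDA with LAMBDA = 0xC
# (trace 1, hence irreducible) are our generic choice, not the paper's polynomials.
from itertools import accumulate

SEED_POLY = 0x163   # x^8 + x^6 + x^5 + x + 1
GF16_POLY = 0x13    # x^4 + x + 1
LAMBDA = 0xC

def gf256_mul(a, b):
    """Shift-and-add multiplication in GF(2^8) modulo SEED_POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= SEED_POLY
        b >>= 1
    return r

def gf256_pow(a, e):
    """Square-and-multiply in GF(2^8): the direct reference for x^247 and x^251."""
    r = 1
    while e:
        if e & 1:
            r = gf256_mul(r, a)
        a = gf256_mul(a, a)
        e >>= 1
    return r

def gf16_mul(a, b):
    """Multiplication in GF(2^4): only bitwise ANDs and XORs (cf. the paper's Fig. 6)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x10:
            a ^= GF16_POLY
        b >>= 1
    return r

# 16-entry GF(2^4) inverse table, 0 -> 0: the paper's pre-computed lookup option.
GF16_INV = [next((b for b in range(16) if gf16_mul(a, b) == 1), 0) for a in range(16)]

def comp_mul(a, b):
    """GF((2^4)^2) product, ah*y + al packed as (ah << 4) | al, with y^2 = y + LAMBDA.
    Karatsuba form: three GF(2^4) multipliers, a constant x LAMBDA and XORs (cf. Fig. 5)."""
    ah, al, bh, bl = a >> 4, a & 0xF, b >> 4, b & 0xF
    hh, ll, mm = gf16_mul(ah, bh), gf16_mul(al, bl), gf16_mul(ah ^ al, bh ^ bl)
    return ((mm ^ ll) << 4) | (ll ^ gf16_mul(LAMBDA, hh))

def comp_inv(a):
    """GF((2^4)^2) inverse: A*(ah*y + ah + al) = LAMBDA*ah^2 + ah*al + al^2 lies in GF(2^4),
    so one GF(2^4) inverse and a few GF(2^4) products give A^-1 (cf. Fig. 4); 0 -> 0."""
    ah, al = a >> 4, a & 0xF
    norm = gf16_mul(LAMBDA, gf16_mul(ah, ah)) ^ gf16_mul(ah, al) ^ gf16_mul(al, al)
    n_inv = GF16_INV[norm]
    return (gf16_mul(ah, n_inv) << 4) | gf16_mul(ah ^ al, n_inv)

def seed_poly_at(b):
    """Evaluate x^8 + x^6 + x^5 + x + 1 at b inside the composite field (root test for delta)."""
    b2 = comp_mul(b, b)
    b4 = comp_mul(b2, b2)
    return comp_mul(b4, b4) ^ comp_mul(b4, b2) ^ comp_mul(b4, b) ^ b ^ 1

def linear_map(columns):
    """GF(2)-linear map on bytes from the images of the basis bits (an 8x8 bit matrix)."""
    def apply(v):
        r = 0
        for i, col in enumerate(columns):
            if v >> i & 1:
                r ^= col
        return r
    return apply

# Isomorphism delta: x -> BETA, a root of SEED_POLY in the composite field, extended
# GF(2)-linearly via x^i -> BETA^i; this is a field isomorphism GF(2^8) -> GF((2^4)^2).
BETA = next(b for b in range(1, 256) if seed_poly_at(b) == 0)
DELTA = linear_map(list(accumulate([1] + [BETA] * 7, comp_mul)))
_DELTA_INV = {DELTA(v): v for v in range(256)}   # delta^-1 as a table (also linear)

def merged_back_map(k):
    """(k squarings in GF(2^8)) o delta^-1 as ONE 8x8 bit matrix: squaring is linear over GF(2)."""
    return linear_map([gf256_pow(_DELTA_INV[1 << i], 1 << k) for i in range(8)])

def sbox_core(x, exponent):
    """x^exponent for exponent = 255 - 2^k (SEED: 247, 251): for x != 0, x^255 = 1, so
    x^exponent = (x^-1)^(2^k); invert in the composite field, then apply the merged matrix."""
    k = (255 - exponent).bit_length() - 1
    assert 255 - exponent == 1 << k, "exponent must be of the form 255 - 2^k"
    return merged_back_map(k)(comp_inv(DELTA(x)))

def verify(exponent):
    """True when the composite path matches direct exponentiation for all 256 inputs."""
    return all(sbox_core(x, exponent) == gf256_pow(x, exponent) for x in range(256))
```

verify(247) and verify(251) both return True. Because 255 - 247 = 8 and 255 - 251 = 4, the two S-boxes differ only in how many squarings are folded into merged_back_map; that is the reason the squarings cost no additional hardware once they are merged with δ^-1 and the affine transformation, and why nearly all of the S-box logic ends up in comp_inv.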
3. Inverse calculation in composite field

Once the GF(2^8) element is transformed into a composite field element, the inverse calculation can be done with the following circuit.

[Fig. 4. GF((2^4)^2) inverse calculation circuit: inputs X[7:4], X[3:0]; blocks ×λ, three Mult and one Inv; outputs X^-1[7:4], X^-1[3:0]]

The inverse calculation circuit is constructed with three GF(2^4) multipliers and a GF(2^4) inverse calculation. The GF((2^4)^2) multiplier circuit is given in the following diagram.

[Fig. 5. GF((2^4)^2) multiplier circuit]

The GF((2^4)^2) multiplier circuit is constructed with three GF(2^4) multipliers and exclusive OR operations. Breaking down further into the lower field, the GF(2^4) multiplier circuit is constructed with bitwise AND operations and exclusive OR operations. The structure of the GF(2^4) multiplier circuit is given in Figure 6.

[Fig. 6. GF(2^4) multiplier circuit]

The GF(2^4) inverse calculation can either be constructed as a pre-computed lookup table, since it is simple enough by having only 644 cases, or by breaking down further into lower field multiplication in a similar manner. The circuits described above calculate the inverse of an element in GF((2^4)^2), and this is much more efficient than calculating the inverse of an element in GF(2^8).

4. Inverse isomorphic transformation

The element in GF((2^4)^2) must be transformed back to the original field GF(2^8) once the inverse is computed. The inverse isomorphic transformation δ^-1 is simply the inverse matrix of the isomorphic transformation δ. However, the inverse matrix must be merged with the squaring transformation matrix and the affine transformation matrix to get the S-box result of equations (5) and (6). This is depicted in Figure 7.

[Fig. 7. Inverse isomorphic transformation process]

IV. IMPLEMENTATION RESULTS
Table 1. Implementation results of SEED

                        Our method      Conventional
Area (gates)   S-box    66 (5%)         354 (3%)
               Total    [illegible]     [illegible]
Critical path           3 ns            5 ns
Throughput (MHz)        [illegible]     [illegible]

We implemented SEED with Verilog-HDL using the presented architecture. Our implementation used the shared G-function scheme, since it was optimized for area and power, and therefore requires 7 clock cycles for each round. We simulated our implementation with Cadence NC-Verilog and synthesized it with Synopsys Design-Compiler. The implementation was simulated and synthesized with the Samsung smart-card library smart3, which is a [value illegible] µm CMOS technology. The results are summarized in Table 1.

V. CONCLUSION

In this paper we presented an efficient hardware architecture for the SEED S-box implementation using composite field arithmetic. This architecture is applicable to systems where resources such as area and power are limited, as in smart cards or mobile devices. The reduction of complexity for the S-box results in a very compact and secure hardware architecture of the SEED block cipher algorithm.

REFERENCES

[1] Korea Information Security Agency (KISA), "SEED Algorithm Specification", available at http://www.kisa.or.kr.
[2] National Institute of Standards and Technology (NIST), "Advanced Encryption Standard (AES)", FIPS Publication 197, Nov. 2001.
[3] A. Rudra et al., "Efficient Rijndael encryption implementation with composite field arithmetic", Proc. CHES 2001, LNCS Vol. 2162.
[4] A. Satoh, S. Morioka, K. Takano and S. Munetoh, "A Compact Rijndael Hardware Architecture with S-Box Optimization", Advances in Cryptology - ASIACRYPT 2001, LNCS Vol. 2248.
[5] S. Morioka and A. Satoh, "An Optimized S-Box Circuit Architecture for Low Power AES Design", Proc. CHES 2002, LNCS Vol. 2523.
[6] D.W. Kim, Y.H. Seo, J.H. Kim and Y.J. Jung, "Hardware Implementation of 128-Bit Symmetric Cipher SEED", IEEE AP-ASIC.
[7] P. Kocher, J. Jaffe and B. Jun, "Differential Power Analysis", Advances in Cryptology - CRYPTO '99, LNCS Vol. 1666, 1999.
[8] Y.J. Baek and J.H. Hwang, "Improved Algorithms for converting between Boolean Mask and Arithmetic Mask", to appear in Fourth Conference on Security in Communication Networks (SCN '04), 2004.

Joon-Ho Hwang received his B.S. and M.S. degrees in electronic and electrical engineering from Pohang University of Science and Technology (POSTECH), Korea, in 1999 and [year illegible], respectively.
He was a member of the information security and telecommunication laboratory during the M.S. course, where he concentrated his research on cryptography and PKI. He is currently a research engineer at the Samsung Electronics SoC R&D Center. His current research interests include hardware architectures of cryptographic algorithms, side-channel attacks and countermeasure schemes for such attacks.
An Investigation on the Numerical Ill-conditioning of Hybrid State Estimators S. K. Mallik, Student Member, IEEE, S. Chakrabarti, Senior Member, IEEE, S. N. Singh, Senior Member, IEEE Deartment of Electrical
More informationA randomized sorting algorithm on the BSP model
A randomized sorting algorithm on the BSP model Alexandros V. Gerbessiotis a, Constantinos J. Siniolakis b a CS Deartment, New Jersey Institute of Technology, Newark, NJ 07102, USA b The American College
More informationAdaptive Protection Algorithm for Overcurrent Relay in Distribution System with DG
J Electr Eng Technol Vol. 8, No. 5: 1002-1011, 2013 htt://dx.doi.org/10.5370/jeet.2013.8.5.1002 SSN(Print) 1975-0102 SSN(Online) 2093-7423 Adative Protection Algorithm for Overcurrent Relay in Distribution
More informationMultivariable Generalized Predictive Scheme for Gas Turbine Control in Combined Cycle Power Plant
Multivariable Generalized Predictive Scheme for Gas urbine Control in Combined Cycle Power Plant L.X.Niu and X.J.Liu Deartment of Automation North China Electric Power University Beiing, China, 006 e-mail
More informationON POLYNOMIAL SELECTION FOR THE GENERAL NUMBER FIELD SIEVE
MATHEMATICS OF COMPUTATIO Volume 75, umber 256, October 26, Pages 237 247 S 25-5718(6)187-9 Article electronically ublished on June 28, 26 O POLYOMIAL SELECTIO FOR THE GEERAL UMBER FIELD SIEVE THORSTE
More informationDynamic System Eigenvalue Extraction using a Linear Echo State Network for Small-Signal Stability Analysis a Novel Application
Dynamic System Eigenvalue Extraction using a Linear Echo State Network for Small-Signal Stability Analysis a Novel Alication Jiaqi Liang, Jing Dai, Ganesh K. Venayagamoorthy, and Ronald G. Harley Abstract
More informationCharacterizing the Behavior of a Probabilistic CMOS Switch Through Analytical Models and Its Verification Through Simulations
Characterizing the Behavior of a Probabilistic CMOS Switch Through Analytical Models and Its Verification Through Simulations PINAR KORKMAZ, BILGE E. S. AKGUL and KRISHNA V. PALEM Georgia Institute of
More informationFlow Velocity Measurement Principles of Hot Film Anemometry
Flow Velocity Measurement Princiles of Hot Film Anemometry The hot film anemometer (HFA) is made of a thin, structured, metallic resistive film ( heater ) which is deosited onto a substrate. In the oerating
More informationA New Approach for Designing Key-Dependent S-Box Defined over GF (2 4 ) in AES
A New Approach for Designing Key-Dependent S-Box Defined over GF (2 4 ) in AES Hanem M. El-Sheikh, Omayma A. El-Mohsen, Senior Member, IACSIT, Talaat Elgarf, and Abdelhalim Zekry, Senior Member, IACSIT
More informationPARITY BASED FAULT DETECTION TECHNIQUES FOR S-BOX/ INV S-BOX ADVANCED ENCRYPTION SYSTEM
PARITY BASED FAULT DETECTION TECHNIQUES FOR S-BOX/ INV S-BOX ADVANCED ENCRYPTION SYSTEM Nabihah Ahmad Department of Electronic Engineering, Faculty of Electrical and Electronic Engineering, Universiti
More information18.312: Algebraic Combinatorics Lionel Levine. Lecture 12
8.3: Algebraic Combinatorics Lionel Levine Lecture date: March 7, Lecture Notes by: Lou Odette This lecture: A continuation of the last lecture: comutation of µ Πn, the Möbius function over the incidence
More informationThe Graph Accessibility Problem and the Universality of the Collision CRCW Conflict Resolution Rule
The Grah Accessibility Problem and the Universality of the Collision CRCW Conflict Resolution Rule STEFAN D. BRUDA Deartment of Comuter Science Bisho s University Lennoxville, Quebec J1M 1Z7 CANADA bruda@cs.ubishos.ca
More informationA Method of Setting the Penalization Constants in the Suboptimal Linear Quadratic Tracking Method
XXVI. ASR '21 Seminar, Instruments and Control, Ostrava, Aril 26-27, 21 Paer 57 A Method of Setting the Penalization Constants in the Subotimal Linear Quadratic Tracking Method PERŮTKA, Karel Ing., Deartment
More informationTheory of Parallel Hardware May 11, 2004 Massachusetts Institute of Technology Charles Leiserson, Michael Bender, Bradley Kuszmaul
Theory of Parallel Hardware May 11, 2004 Massachusetts Institute of Technology 6.896 Charles Leiserson, Michael Bender, Bradley Kuszmaul Final Examination Final Examination ffl Do not oen this exam booklet
More informationOn Using FASTEM2 for the Special Sensor Microwave Imager (SSM/I) March 15, Godelieve Deblonde Meteorological Service of Canada
On Using FASTEM2 for the Secial Sensor Microwave Imager (SSM/I) March 15, 2001 Godelieve Deblonde Meteorological Service of Canada 1 1. Introduction Fastem2 is a fast model (multile-linear regression model)
More informationAnalyses of Orthogonal and Non-Orthogonal Steering Vectors at Millimeter Wave Systems
Analyses of Orthogonal and Non-Orthogonal Steering Vectors at Millimeter Wave Systems Hsiao-Lan Chiang, Tobias Kadur, and Gerhard Fettweis Vodafone Chair for Mobile Communications Technische Universität
More informationRandomness Extraction in finite fields F p
Randomness Extraction in finite fields F n Abdoul Aziz Ciss École doctorale de Mathématiques et d Informatique, Université Cheikh Anta Dio de Dakar, Sénégal BP: 5005, Dakar Fann abdoul.ciss@ucad.edu.sn,
More informationImproved Capacity Bounds for the Binary Energy Harvesting Channel
Imroved Caacity Bounds for the Binary Energy Harvesting Channel Kaya Tutuncuoglu 1, Omur Ozel 2, Aylin Yener 1, and Sennur Ulukus 2 1 Deartment of Electrical Engineering, The Pennsylvania State University,
More informationMathematical Efficiency Modeling of Static Power Converters
Fabrício Hoff Duont Regional Integrated University of Uer Uruguai and Missions (URI Av. Assis Brasil, 9, 980 000 Frederico Westhalen, RS, Brazil Contact: fhd@ieee.org Mathematical Efficiency Modeling of
More informationJohn Weatherwax. Analysis of Parallel Depth First Search Algorithms
Sulementary Discussions and Solutions to Selected Problems in: Introduction to Parallel Comuting by Viin Kumar, Ananth Grama, Anshul Guta, & George Karyis John Weatherwax Chater 8 Analysis of Parallel
More informationDesign of Low Power Optimized MixColumn/Inverse MixColumn Architecture for AES
Design of Low Power Optimized MixColumn/Inverse MixColumn Architecture for AES Rajasekar P Assistant Professor, Department of Electronics and Communication Engineering, Kathir College of Engineering, Neelambur,
More informationOn the Masking Countermeasure and Higher-Order Power Analysis Attacks
1 On the Masking Countermeasure and Higher-Order Power Analysis Attacks François-Xavier Standaert, Eric Peeters, Jean-Jacques Quisquater UCL Crypto Group, Place du Levant, 3, B-1348 Louvain-La-Neuve, Belgium.
More information