Parameterized Hardware Accelerators for Lattice-Based Cryptography and Their Application to the HW/SW Co-Design of qTESLA

Author(s):  
Wen Wang ◽  
Shanquan Tian ◽  
Bernhard Jungk ◽  
Nina Bindel ◽  
Patrick Longa ◽  
...  

This paper presents a set of efficient and parameterized hardware accelerators that target post-quantum lattice-based cryptographic schemes, including a versatile cSHAKE core, a binary-search CDT-based Gaussian sampler, and a pipelined NTT-based polynomial multiplier, among others. Unlike much of prior work, the accelerators are fully open-sourced, are designed to be constant-time, and can be parameterized at compile-time to support different parameters without the need for re-writing the hardware implementation. These flexible, publicly-available accelerators are leveraged to demonstrate the first hardware-software co-design using RISC-V of the post-quantum lattice-based signature scheme qTESLA with provably secure parameters. In particular, this work demonstrates that the NIST’s Round 2 level 1 and level 3 qTESLA variants achieve over a 40-100x speedup for key generation, about a 10x speedup for signing, and about a 16x speedup for verification, compared to the baseline RISC-V software-only implementation. For instance, this corresponds to execution in 7.7, 34.4, and 7.8 milliseconds for key generation, signing, and verification, respectively, for qTESLA’s level 1 parameter set on an Artix-7 FPGA, demonstrating the feasibility of the scheme for embedded applications.

2014 ◽  
Vol 2014 ◽  
pp. 1-11 ◽  
Author(s):  
Chun-I Fan ◽  
Pei-Hsiu Ho ◽  
Yi-Feng Tseng

We propose a strongly secure certificateless signature scheme supporting batch verification, which makes it possible for a verifier to verify a set of signatures more efficiently than verifying them one by one. In an identity-based digital signature scheme, private key generator (PKG) knows each user's signing key, so it can generate a signature which is indistinguishable from the signature generated by the user. This is a serious problem because the property of signature nonrepudiation will not be achieved. In our proposed scheme, it is impossible for PKG to produce a signature which is indistinguishable from any signature produced by a user. Compared with existing signature schemes with batch verification, although our proposed scheme is not the most efficient one, it achieves Girault's level-3 security, while the others have Girault's level-1 or level-2 security only. We also formally prove that the proposed scheme is unforgeable and satisfies Girault's level-3 security based on hard problems.


Author(s):  
Ming-Shing Chen ◽  
Tung Chou

This paper presents a constant-time implementation of Classic McEliece for ARM Cortex-M4. Specifically, our target platform is stm32f4-Discovery, a development board on which the amount of SRAM is not even large enough to hold the public key of the smallest parameter sets of Classic McEliece. Fortunately, the flash memory is large enough, so we use it to store the public key. For the level-1 parameter sets mceliece348864 and mceliece348864f, our implementation takes 582 199 cycles for encapsulation and 2 706 681 cycles for decapsulation. Compared to the level-1 parameter set of FrodoKEM, our encapsulation time is more than 80 times faster, and our decapsulation time is more than 17 times faster. For the level-3 parameter sets mceliece460896 and mceliece460896f, our implementation takes 1 081 335 cycles for encapsulation and 6 535 186 cycles for decapsulation. In addition, our implementation is also able to carry out key generation for the level-1 parameter sets and decapsulation for level-5 parameter sets on the board.


2019 ◽  
Vol 63 (8) ◽  
pp. 1139-1147
Author(s):  
Wenjie Yang ◽  
Jian Weng ◽  
Xinyi Huang ◽  
Anjia Yang

Abstract: In certificateless proxy signature (CLPS), the key generation center is responsible for initializing the system parameters and can obtain the opportunity to adaptively set some trapdoors in them when wanting to launch some attacks. Until now, how to withstand the malicious-but-passive key generation center (MKGC) attacks in CLPS is still an interesting problem. In this paper, we focus on the challenging issue and introduce a CLPS scheme provably secure in the standard model. To the best of our knowledge, we are the first to demonstrate its security under MKGC attacks by adopting the technology of embedding the classic difficulty problems into the target entity public key rather than the system parameters during the security proof process.


2020 ◽  
Author(s):  
C Pulvermacher ◽  
P van de Vondel ◽  
L Gerzen ◽  
U Gembruch ◽  
W Merz
Keyword(s):  
Level 3 ◽  

Author(s):  
Lania Muharsih ◽  
Ratih Saraswati

This study aims to assess the training evaluation at PT. Pupuk Kujang, a company engaged in the petrochemical field. The evaluation sheet of PT. Pupuk Kujang is based on Kirkpatrick's theory, which consists of four levels of evaluation: reaction, learning, behavior, and results. At level 1 (reaction), the evaluation sheet is in accordance with Kirkpatrick's theory. At level 2 (learning), a pretest and posttest should be held, but only a scale was made. At level 3 (behavior), the sheet is in accordance with the theory, but assessment factor number 3, quantity and work productivity, need not be included because it is already covered by level 4. At level 4 (results), the sheet is still lacking as a picture of the results of the training carried out, because it is based only on answers from superiors without any documentary evidence. Keywords: Training Evaluation, Kirkpatrick Theory.


2021 ◽  
Vol 108 (Supplement_2) ◽  
Author(s):  
H Subbiah Ponniah ◽  
M Ahmed ◽  
T Edwards ◽  
J Cobb ◽  
E Dean ◽  
...  

Abstract. Introduction: There are now over 2.5 million NHS patients awaiting elective surgery, with the most in orthopaedics. We present an algorithm and results for safely and equitably restarting surgery at COVID-light sites. Method: An MDT applied the COVID-19 Algorithm for Resuming Elective Surgery (CARES) on 1169 patients awaiting elective orthopaedic surgery. It assessed safety, procedural efficacy, and biopsychosocial factors, to prioritise patients. They were assigned to five categories and underwent surgery at one of three COVID-light sites (1. access to HDU/ITU/Paediatrics/specialist equipment, 2. an NHS elective surgical unit and 3. a private elective surgical unit). Results: 21 ‘Urgent’ patients received expedited care; 118 were Level 1/2; 222 were Level 3; 808 were Level 4. In 6 weeks, 355 surgeries were performed, with Urgent and Level 1/2 cases performed soonest (mean 18 days, p < 0.001). 33 high-risk/complex/paediatric patients had surgery at Site 1 and the rest at Sites 2 and 3. No patients contracted COVID-19 within 2 weeks of surgery. Conclusions: We validated a widely generalisable model to facilitate resumption of elective surgery in COVID-light sites. It enabled surgery for patients in most suffering, undergoing the most efficacious procedures and/or at highest risk of deterioration, without compromising patient-safety.


Atmosphere ◽  
2021 ◽  
Vol 12 (7) ◽  
pp. 869
Author(s):  
Xiuguo Zou ◽  
Jiahong Wu ◽  
Zhibin Cao ◽  
Yan Qian ◽  
Shixiu Zhang ◽  
...  

In order to adequately characterize the visual characteristics of atmospheric visibility and overcome the disadvantages of the traditional atmospheric visibility measurement method with significant dependence on preset reference objects, high cost, and complicated steps, this paper proposed an ensemble learning method for atmospheric visibility grading based on deep neural network and stochastic weight averaging. An experiment was conducted using the scene of an expressway, and three visibility levels were set, i.e., Level 1, Level 2, and Level 3. Firstly, the EfficientNet was transferred to extract the abstract features of the images. Then, training and grading were performed on the feature sets through the SoftMax regression model. Subsequently, the feature sets were ensembled using the method of stochastic weight averaging to obtain the atmospheric visibility grading model. The obtained datasets were input into the grading model and tested. The grading model classified the results into three categories, with the grading accuracy being 95.00%, 89.45%, and 90.91%, respectively, and the average accuracy of 91.79%. The results obtained by the proposed method were compared with those obtained by the existing methods, and the proposed method showed better performance than those of other methods. This method can be used to classify the atmospheric visibility of traffic and reduce the incidence of traffic accidents caused by atmospheric visibility.


2002 ◽  
Vol 6 (2) ◽  
pp. 185-219 ◽  
Author(s):  
Adam Ockelford

Like all fields of human artistic endeavour, music is constrained by our cognitive processing requirements and limitations (Swain, 1986; Lerdahl, 1988; Huron, 2001). This article considers particular forms of constraint pertaining to the relationships that the structure-seeking mind (subconsciously) fabricates between perceived musical events. It is proposed that 2±1 may be a universal limitation pertaining to the level of relationships so ideated. That is, in terms of Lewin's (1987) theoretical framework in which “intervals” can be intuited between the “elements” of musical “spaces”, it is posited that the cognition of musical structure occurs either through intervals (level 1), through intervals between these (level 2), or — in some circumstances — through intervals between these (level 3). This proposition is explored through the psychomusicological model developed by Ockelford (1991, 1993, 1999), which too analyses musical structure in terms of the relationships that may be cognised between its discrete perceptual components. In particular, the model identifies a type of cognitive link through which events (at any level) are felt to imply others the same or similar — through so-called “zygonic” relationships. This theory suggests a further general principle: that the highest level of relationship in operation at any given point must be zygonic if the music is to be structurally coherent. Evidence for this, and for the limit on the level of relationships of 2±1, is offered through a series of musical examples, which illustrate a variety of musical organisation in action. Finally, empirical work is suggested to explore further the theoretical ideas that are presented here.


2003 ◽  
Vol 31 (6) ◽  
pp. 1472-1473 ◽  
Author(s):  
A. Finney ◽  
M. Hucka

The SBML (systems biology markup language) is a standard exchange format for computational models of biochemical networks. We continue developing SBML collaboratively with the modelling community to meet their evolving needs. The recently introduced SBML Level 2 includes several enhancements to the original Level 1, and features under development for SBML Level 3 include model composition, multistate chemical species and diagrams.

