A Symmetric FHE Scheme Based on Linear Algebra
|
|
- Egbert McCarthy
- 5 years ago
- Views:
Transcription
1 A Symmetric FHE Scheme Based on Linear Algebra Iti Sharma University College of Engineering, Comuter Science Deartment. Abstract FHE is considered to be Holy Grail of cloud comuting. Many alications of cloud comuting inherently need symmetric keys while very few FHE schemes have been roosed with symmetric keys. Even with the schemes based on ublic key crytograhy a major hurdle has been the accumulation of noise in cihertexts leading to limited size of circuits that can be evaluated using the scheme homomorhically. Noise is eliminated through refresh rocedure, which has been made essentially ossible with ublic keys containing rivate keys as a art. Moreover, refreshing of cihertext is time consuming. We roose here a method of refreshing the cihertext while not disclosing the secret key, that is, in a symmetric crytosystem. Also, our scheme doesn t need any evaluation key thus enabling secure delegation of data rocessing using such scheme. Keywords symmetric FHE, fully homomorhic encrytion, cloud comuting I. INTRODUCTION Emerging alications of cloud comuting and mobile devices involve heavy comutations which instead of running on the lightweight device, are delegated to the cloud, working as a service rovider. The goal in this setting is to utilize the resources of a single owerful service rovider for the work that comutationally weak clients need to erform on their data. This concet of comutation-as-a-service accounts for oularity of cloud comuting, but has many challenges yet to overcome. A major issue concerns the rivacy of user data or user function or both. If the clients inut data is sensitive, we need mechanisms that allow the server to rocess the data while maintaining its rivacy. Crytograhic rimitives with homomorhic roerties have been roosed to ensure this, but ractical Fully Homomorhic Encrytion schemes are very few. If the function to be erformed over data is a rivate function (belongs to certain user or cloud), we need mechanisms to revent other arties from learning anything about the function from the results only. Moreover, it needs symmetric Fully Homomorhic Encrytion schemes. This area has gained recent attention and yet an oen roblem. Homomorhic encrytion has largely been studied in context of ublic key crytosystems. But there are alications which inherently would require symmetric keys. A symmetric FHE and its alications like rivate data rocessing have been roosed in [1] using matrix oerations. Alications like rivate data rocessing and secure delegation of comutation require caabilities of FHE crytosystems, but a major concern could arise from the fact that while delegating comutation to an untrusted arty data can be secured but an evaluation key must be shared so that worker can erform comutations homomorhically. Generation and distribution of the evaluation keys is a roblem. It is more severe in case of ublic crytosystems which involve generation and distribution of ublic keys also. Our Contribution: Poular FHE rimitives are either based on Gentry s bluerint [] like [3, 4 and 5] or on learning with errors roblem like [6 and 7]. The basic construction follows a method of refreshing long cihertexts after certain amount of homomorhic comutations so that the cihertext can be decryted roerly. This construction accounts for most of the execution time and is also resonsible for large key length. We roose a method to develo symmetric key encrytion scheme with fully homomorhic evaluation caabilities based on linear algebra. We roose in this aer a construction for refreshing cihertext, which is easy and efficient. It derives its security from hardness of factorizing a large integer, which is basis of many ublic key crytosystems. Also, the scheme doesn t require an evaluation key. II. RELATED WORK Notion of rivacy homomorhisms was introduced by Rivest, Adleman and Dertouzos [8]. But it was only in 009, when Gentry ublished the first fully homomorhic scheme []. Desite the ractical limitation of high comutational comlexity, it ended the long search for the rivacy homomorhisms. Gentry s bluerint starts from a Somewhat Homomorhic Encrytion scheme which suorts limited number of oerations to be erformed on cihertext homomorhically due to accumulation of noise in cihertext at each ste of comutation. Gentry suggested a bootstraability condition by virtue of which decrytion olynomial is of such a lower degree that allows refreshing of cihertext. Refreshing of cihertext is in the form of re-encrytion, where in the decrytion of cihertext is erformed homomorhically (hence secretly) and it is then encryted under a new key, thus eliminating any noise. This makes the scheme to be fully homomorhic since it can now suort arbitrary number of oerations. Gentry and Halevi [3] described the first imlementation of Gentry's ISSN : Vol. 5 No. 05 May
2 scheme, establishing the unsuitability of FHE schemes for ractical use due to large size of keys and cihertexts. Van Dijk, Gentry, Halevi and Vaikuntanathan resented a fully homomorhic scheme over the integers [4]. The scheme is concetually simle in comarison to the original Gentry's scheme; all oerations are erformed over the integers instead of ideal lattices. However the ublic-key was too large for any ractical system. Coron et al [5] suggested methods to reduce this size of the ublic key down to Õ(λ 7 ) from Õ(λ 10 ). Gentry s scheme erforms encrytion and decrytion on laintext of 1-bit length. Hence, it is intuitive to think that certain oerations could be erformed on several bits in arallel to reduce runtime. Smart and Vercauteren [9] found that the scheme can be imlemented on SIMD(single instruction, multile data) architecture. Smart and Vercauteren [9] resented methods for selecting arameters for Gentry and Halevi s imlementation [3] which use SIMD oerations for the somewhat homomorhic scheme. Ways for constructing a fully homomorhic scheme erforming re-encrytions in arallel and making SIMD oerations useful in ractice were also suggested. The arallel version is.4 times faster than the standard FHE scheme and the cihertext size is reduced by a factor of 1/7. Thus, exloiting arallelism in the constituent algorithms can increase efficiency of a scheme. Major bottleneck in ractical deloyment of FHE schemes based on Gentry s blue rint are large size of keys and high er-gate evaluation time. Brakerski and Vaikuntanathan [6] showed that (leveled) FHE can be based on the hardness of the much more standard learning with error (LWE) roblem. Brakerski, Gentry and Vaikuntanathan [7] refined the main technique in [6] to construct an FHE scheme with asymtotically linear efficiency. Guta and Sharma [1] resented an FHE scheme for symmetric encrytion based on hardness of factorization of large integer, with oerations involving matrix comutations. The key size and comutation time were reduced enough for ractical deloyment. III. GENTRY S BLUEPRINT AND DGHV SCHEME Gentry roosed not only the first fully homomorhic encrytion scheme, but also a general method to construct fully homomorhic systems [3]. Gentry s construction roceeds in successive stes: first a somewhat homomorhic scheme is used. Secondly Gentry shows how to squash the decrytion rocedure so that it can be exressed as a low degree olynomial in the bits of the cihertext and the secret key (equivalently a circuit of small deth). Then the breakthrough idea consists in evaluating this decrytion olynomial not on the bits of the cihertext and the secret key (as in regular decrytion), but homomorhically on the encrytion of those bits. Then instead of recovering the bit laintext, one gets an encrytion of this bit laintext, i.e. yet another cihertext for the same laintext. Now if the degree of the decrytion olynomial is small enough, the resulting noise in this new cihertext can be smaller than in the original cihertext; this is called the cihertext refresh rocedure. Given two refreshed cihertexts one can aly again the homomorhic oeration (either addition or multilication), which was not necessarily ossible on the original cihertexts because of the noise threshold. Using this cihertext refresh rocedure the number of ermissible homomorhic oerations becomes unlimited and we get a fully homomorhic encrytion scheme. The rerequisite for the cihertext refresh rocedure is that the degree of the olynomial that can be evaluated on cihertexts exceeds the degree of the decrytion olynomial (times two, since one must allow for a subsequent addition or multilication of refreshed cihertexts); this is called the bootstraability condition. Once the scheme becomes bootstraable it can be converted into a fully homomorhic encrytion scheme by roviding the encrytion of the secret key bits inside the ublic key. To gain a deeer understanding, we describe below the scheme due to van Dijk et al [4]. The first ste is to describe a Somewhat Homomorhic Encrytion scheme. It uses the following four arameters (all olynomial in the security arameter λ): γ is the bit-length of the integers in the ublic key, η is the bit-length of the secret key (which is the hidden aroximate-gcd of all the ublic-key integers), ρ is the bit-length of the noise (i.e., the distance between the ublic key elements and the nearest multiles of the secret key), and τ is the number of integers in the ublic key. Also there is a secondary noise arameter ρ = ρ + ω(log λ). $ KeyGen(λ). The secret key is an odd η-bit integer: ( + 1) [η 1, η). $ For the ublic key, samle xi Dγ, ρ( ) for i = 0,, τ. Relabel so that x 0 is the largest. Restart unless x0 is odd and r (x 0 ) is even. The ublic key is k = (x 0, x 1,, x τ ). Encryt(k, m {0, 1}). Choose a random subset S {1,,, τ} and a random integer r in ( ρ, ρ ), and outut ISSN : Vol. 5 No. 05 May
3 c m+ r+ xi i S x0 Evaluate(k,C, c 1,, c t ). Given the (binary) circuit C with t inuts, and t cihertexts c i, aly the (integer) addition and multilication gates of C to the cihertexts, erforming all the oerations over the integers, and return the resulting integer. Decryt(sk, c). Outut m (c mod ) mod. The next ste is to squash the decrytion circuit of the above scheme, namely transform the scheme into one with the same homomorhic caacity but a decrytion circuit that is simle enough to allow bootstraing. For this we need few more arameters κ, θ, Θ, articularly κ =, γη/ρ θ = λ, and Θ= ω(κ log λ). The modified algorithms are as follows. KeyGen. Generate sk * = and k as before. Set x κ/, choose at random a Θ -bit vector with Hamming weight θ, s s,..., s, and let S = {i : s i = 1}. κ Choose at random integers u i [0, ), i = 1,,Θ, subject to the condition that (mod κ + u ) i = x. i S Set y i = u i / κ and y y,..., y Hence each yi is a ositive number smaller than two, with κ bits of recision after the binary oint. Also, κ yi = (1 ) for some <. i S Outut the secret key sk = s and ublic key k = (k, y ). Encryt and Evaluate. Generate a cihertext c as before (i.e., an integer). Then for i {1,,Θ}, set zi [c y i ], keeing only n = log θ + 3 bits of recision after the binary oint for each z i. Outut both c and z z,..., z. Decryt. Outut m [c sz ] i i. i The scheme is now bootstraable and fully homomorhic. IV. PROPOSED SCHEME We roose a somewhat homomorhic encrytion scheme based on the idea from [4] and then roceed to make it fully homomorhic through a refresh rocedure which requires an extra key called the refresh key. Encrytion and decrytion uses symmetric keys while no key is required for evaluation of homomorhic functions over the cihertexts. The context used is symmetric crytograhy that is using only one secret key for both encrytion and decrytion. Another key called refresh key is used and made ublic for evaluation but does not reveal the secret key. A. Primitives Let λ be the security arameter in context of an equivalent comutational effort of λ cycles. Message sace is (0,1). The scheme consists of following rimitives: Key generation: Generate the secret key, a rime number of length λ bits. Select q as refresh key such that it is an even multile of, that is q = k, where k is an even number. Encrytion: Encrytion is robabilistic, a many-to-one maing Enc : Z, thus converting the message bit into an integer, and a message may have several encrytions. Encrytion involves following stes: 1. Choose m' such that m m' mod. Choose a random number r of length λ bits 3. Outut c = m' + r Decrytion: The decrytion needs to be inversion of the encrytion rocess, a maing Dec : Z. It is a very simle and efficient oeration roducing outut, the message as m = c mod mod. Homomorhic Oerations: Addition of two laintext bits, that is XOR oeration is homomorhic to direct addition of two cihertexts (integers). Multilication of two laintext bits, that is AND oeration is homomorhic to integer multilication of two cihertexts. ISSN : Vol. 5 No. 05 May
4 The above scheme is somewhat homomorhic due to the roblem of accumulation of noise. That is after a few oerations the noise in cihertext may exceed beyond the level making its decrytion incorrect. Hence we need a refresh rocedure to eliminate noise from cihertext without decryting. This is beneficial for delegating a comutation so that worker can reduce noise in cihertext in the absence of decrytion key. For this urose we need a refresh key q. Refresh rocedure: Deriving the basic concet of refreshing a cihertext to make a scheme fully homomorhic from Gentry s bluerint [CG], we design the refresh key so as to contain the secret key in art. But we do not emloy the concet of bootstraing here like in [CG], rather the refresh rocedure is very simle and efficient one-ste rocedure. The refreshed cihertext is oututted as c = c mod q. B. Comarison with existing schemes The factors uon which an FHE scheme can be comared with others are key size, cihertext size (exansion of laintext due to encrytion) and comutation overhead. The overhead is defined as the ratio of the time taken for a comutation homomorhically over cihertext to the time taken to comute on laintext. We resent this comarison of our roosed scheme with the existing oular schemes in Table 1. In context of our scheme, we see the secret key is of length λ bits and refresh key is of length O(λ log λ ) bits, which is very smaller as comared to the key sizes in many of the Gentry s blue-rint based FHE schemes. The cihertext size for a onebit laintext is dominated by the length of roduct of and r. This gives the length of O(λ ) bits. For comutation overhead, we take multilication oeration because it is costlier. Consider two laintexts of size 1 bit. The cost of AND oeration is O(1), while homomorhically it is erformed as multilication of two integers of size λ bits, imlying effort of O( λ 4 ). The XOR oeration erformed as addition of two integers is less 4 costly than multilication oeration, hence the comutation overhead is dominated by the effort of. TABLE I COMPARISON OF PROPOSED SCHEME WITH OTHER FHE SCHEMES Parameters Encrytion Key Size FHE Schemes DGHV BGV Proosed Scheme 10 Equal to laintext Comutation Overhead 3.5 Ω ( λ ) O λ ( ) 4 Plaintext Exansion O(log λ ) 3 Encrytion Key Size 10 Equal to laintext C. Security of the scheme Security is the first and foremost asect in crytograhy. When considering security of certain crytosystem we aim to find out the amount of effort required by an adversary to discover the key from some amount of other information. Security of the secret key can be based on the difficulty of factorization of the declared key q, which contains as factor. Thus, our scheme derives security from hardness of Integer Factorization, similar to many oular crytosystems. The brute-force security of our scheme deends on the length of key, hence which is considered sufficiently secure for λ =80. V. CONCLUSIONS AND FUTURE SCOPE Cloud comuting alications suffer from a major concern about security. This can be ensured through encrytion but it doesn t allow for secure delegation of data rocessing. Here, fully homomorhic encrytion is most useful since it allows rocessing of encryted data. There is dearth of ractically feasible FHE solutions. A few efficient FHE schemes available use ublic crytograhy, while many alications inherently require symmetric keys. Hence, we have roosed a symmetric FHE scheme which works with laintext bits to convert them into integers using linear algebra. We have roosed a novel method of refreshing cihertexts to reduce their length after certain number of oerations. The security of the roosed scheme is based on the difficulty of large integer factorization. The scheme can be more generalized to work on integers rather than bits. It would not only lead to an extended scheme rather an imroved scheme. Also, arallelization of oerations to work on several bits together ISSN : Vol. 5 No. 05 May
5 can also be a ossible extension. Such scheme cannot be directly aroached since the rimitives involve random numbers which are different for each laintext. Direct arallelization of oerations can only be imlemented when erforming homomorhic oerations. In this case, efficiency imrovement will deend on the comutation being erformed and cannot be considered as a factor of efficiency for the FHE scheme. REFERENCES [1] C.Guta and I. Sharma, A fully homomorhic encrytion scheme with symmetric keys with alication to rivate data rocessing in clouds, Proceedings of Networks of the Future (NOF), 013 Fourth International Conference..1-4, 3-5 Oct [] C. Gentry, A Fully Homomorhic Encrytion scheme, Dissertation. Se 009. Available at htts://cryto.stanford.edu/craig/craigthesis. [3] C. Gentry and S. Halevi, Imlementing Gentry's fully homomorhic encrytion scheme, EURO-CRYPT 011, LNCS, Sringer, K. Paterson (Ed.),011. [4] M. van Dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan, Fully homomorhic encrytion over the integers, Proceedings of Eurocryt-10, Lecture Notes in Comuter Science, vol 6110,. Sringer, 4-43, 010. [5] J.-S. Coron, A. Mandal, D. Naccache, and M. Tibouchi. Fully homomorhic encrytion over the integers with shorter ublic-keys, Advances in Crytology - Proc. CRYPTO 011, vol of Lecture Notes in Comuter Science. Sringer, 011. [6] Z. Brakerski and V. Vaikuntanathan, Efficient fully homomorhic encrytion from (standard) LWE, Foundations of Comuter Science, 011. Also available at Crytology eprint Archive, Reort 011/344. [7] Z. Brakerski, C. Gentry, and V. Vaikuntanathan, Fully homomorhic encrytion without bootstraing, Crytology eprint Archive, Reort 011/77. [8] R. Rivest, L. Adleman, and M. Dertouzos, On data banks and rivacy homomorhisms, Foundations of Secure Comutation, , [9] N. P. Smart and F. Vercauteren, Fully homomorhic SIMD oerations, Crytology eprint Archive, Reort 011/133. ISSN : Vol. 5 No. 05 May
Privacy Preserving Moving KNN Queries
Privacy Preserving Moving KNN Queries arxiv:4.76v [cs.db] 4 Ar Tanzima Hashem Lars Kulik Rui Zhang National ICT Australia, Deartment of Comuter Science and Software Engineering University of Melbourne,
More informationIEEE P /D1 Draft Standard for Identity-based Public-key Cryptography Using Pairings
IEEE /D, Aril IEEE /D Draft Standard for Identity-based ublic-key Crytograhy Using airings reared by the Working Grou of the Microrocessor Standards Committee Coyright by the Institute of Electrical
More informationProtecting Mobile Agents against Malicious Host Attacks Using Threat Diagnostic AND/OR Tree
Protecting Mobile Agents against Malicious Host Attacks Using Threat Diagnostic AND/OR Tree Magdy Saeb, Meer Hamza, Ashraf Soliman. Arab Academy for Science, Technology & Maritime Transort Comuter Engineering
More informationA DEA-bases Approach for Multi-objective Design of Attribute Acceptance Sampling Plans
Available online at htt://ijdea.srbiau.ac.ir Int. J. Data Enveloment Analysis (ISSN 2345-458X) Vol.5, No.2, Year 2017 Article ID IJDEA-00422, 12 ages Research Article International Journal of Data Enveloment
More informationLeak Detection Modeling and Simulation for Oil Pipeline with Artificial Intelligence Method
ITB J. Eng. Sci. Vol. 39 B, No. 1, 007, 1-19 1 Leak Detection Modeling and Simulation for Oil Pieline with Artificial Intelligence Method Pudjo Sukarno 1, Kuntjoro Adji Sidarto, Amoranto Trisnobudi 3,
More informationAUTOMATIC GENERATION OF HIGH THROUGHPUT ENERGY EFFICIENT STREAMING ARCHITECTURES FOR ARBITRARY FIXED PERMUTATIONS. Ren Chen and Viktor K.
inuts er clock cycle Streaming ermutation oututs er clock cycle AUTOMATIC GENERATION OF HIGH THROUGHPUT ENERGY EFFICIENT STREAMING ARCHITECTURES FOR ARBITRARY FIXED PERMUTATIONS Ren Chen and Viktor K.
More informationEfficient Processing of Top-k Dominating Queries on Multi-Dimensional Data
Efficient Processing of To-k Dominating Queries on Multi-Dimensional Data Man Lung Yiu Deartment of Comuter Science Aalborg University DK-922 Aalborg, Denmark mly@cs.aau.dk Nikos Mamoulis Deartment of
More informationSensitivity Analysis for an Optimal Routing Policy in an Ad Hoc Wireless Network
1 Sensitivity Analysis for an Otimal Routing Policy in an Ad Hoc Wireless Network Tara Javidi and Demosthenis Teneketzis Deartment of Electrical Engineering and Comuter Science University of Michigan Ann
More informationA Novel Iris Segmentation Method for Hand-Held Capture Device
A Novel Iris Segmentation Method for Hand-Held Cature Device XiaoFu He and PengFei Shi Institute of Image Processing and Pattern Recognition, Shanghai Jiao Tong University, Shanghai 200030, China {xfhe,
More informationAn Efficient Coding Method for Coding Region-of-Interest Locations in AVS2
An Efficient Coding Method for Coding Region-of-Interest Locations in AVS2 Mingliang Chen 1, Weiyao Lin 1*, Xiaozhen Zheng 2 1 Deartment of Electronic Engineering, Shanghai Jiao Tong University, China
More informationLecture 18. Today, we will discuss developing algorithms for a basic model for parallel computing the Parallel Random Access Machine (PRAM) model.
U.C. Berkeley CS273: Parallel and Distributed Theory Lecture 18 Professor Satish Rao Lecturer: Satish Rao Last revised Scribe so far: Satish Rao (following revious lecture notes quite closely. Lecture
More informationRandomized algorithms: Two examples and Yao s Minimax Principle
Randomized algorithms: Two examles and Yao s Minimax Princile Maximum Satisfiability Consider the roblem Maximum Satisfiability (MAX-SAT). Bring your knowledge u-to-date on the Satisfiability roblem. Maximum
More informationThe VEGA Moderately Parallel MIMD, Moderately Parallel SIMD, Architecture for High Performance Array Signal Processing
The VEGA Moderately Parallel MIMD, Moderately Parallel SIMD, Architecture for High Performance Array Signal Processing Mikael Taveniku 2,3, Anders Åhlander 1,3, Magnus Jonsson 1 and Bertil Svensson 1,2
More informationLMAC:A Lightweight Message Authentication Code for Wireless Sensor Network
LMAC:A Lightweight Message Authentication Code for Wireless Sensor Network Amrita Roy Chowdhury Det. of Comuter Sc. & Tech. Indian Institute of Engineering Science & Technology Shibur, Howrah, India amrita.rc94@gmail.com
More informationA Study of Protocols for Low-Latency Video Transport over the Internet
A Study of Protocols for Low-Latency Video Transort over the Internet Ciro A. Noronha, Ph.D. Cobalt Digital Santa Clara, CA ciro.noronha@cobaltdigital.com Juliana W. Noronha University of California, Davis
More informationHOMOMORPHIC ENCRYPTION: A SURVEY
HOMOMORPHIC ENCRYPTION: A SURVEY Daniel Okunbor and Chekad Sarami Department of Mathematics and Computer Science Fayetteville State University Fayetteville, NC 28301 {diokunbor, csarami}@uncfsu.edu) Abstract:
More informationAn Efficient Video Program Delivery algorithm in Tree Networks*
3rd International Symosium on Parallel Architectures, Algorithms and Programming An Efficient Video Program Delivery algorithm in Tree Networks* Fenghang Yin 1 Hong Shen 1,2,** 1 Deartment of Comuter Science,
More informationApplying the fuzzy preference relation to the software selection
Proceedings of the 007 WSEAS International Conference on Comuter Engineering and Alications, Gold Coast, Australia, January 17-19, 007 83 Alying the fuzzy reference relation to the software selection TIEN-CHIN
More informationSkip List Based Authenticated Data Structure in DAS Paradigm
009 Eighth International Conference on Grid and Cooerative Comuting Ski List Based Authenticated Data Structure in DAS Paradigm Jieing Wang,, Xiaoyong Du,. Key Laboratory of Data Engineering and Knowledge
More informationAn Efficient VLSI Architecture for Adaptive Rank Order Filter for Image Noise Removal
International Journal of Information and Electronics Engineering, Vol. 1, No. 1, July 011 An Efficient VLSI Architecture for Adative Rank Order Filter for Image Noise Removal M. C Hanumantharaju, M. Ravishankar,
More informationA BICRITERION STEINER TREE PROBLEM ON GRAPH. Mirko VUJO[EVI], Milan STANOJEVI] 1. INTRODUCTION
Yugoslav Journal of Oerations Research (00), umber, 5- A BICRITERIO STEIER TREE PROBLEM O GRAPH Mirko VUJO[EVI], Milan STAOJEVI] Laboratory for Oerational Research, Faculty of Organizational Sciences University
More informationIMS Network Deployment Cost Optimization Based on Flow-Based Traffic Model
IMS Network Deloyment Cost Otimization Based on Flow-Based Traffic Model Jie Xiao, Changcheng Huang and James Yan Deartment of Systems and Comuter Engineering, Carleton University, Ottawa, Canada {jiexiao,
More informationFace Recognition Using Legendre Moments
Face Recognition Using Legendre Moments Dr.S.Annadurai 1 A.Saradha Professor & Head of CSE & IT Research scholar in CSE Government College of Technology, Government College of Technology, Coimbatore, Tamilnadu,
More informationEfficient Parallel Hierarchical Clustering
Efficient Parallel Hierarchical Clustering Manoranjan Dash 1,SimonaPetrutiu, and Peter Scheuermann 1 Deartment of Information Systems, School of Comuter Engineering, Nanyang Technological University, Singaore
More informationPublic Key Cryptosystems RSA
Public Key Crytosystems RSA 57 17 Receiver Sender 41 19 and rime 53 Attacker 47 Public Key Crytosystems RSA Comute numbers n = * 2337 323 57 17 Receiver Sender 41 19 and rime 53 Attacker 2491 47 Public
More informationSHE AND FHE. Hammad Mushtaq ENEE759L March 10, 2014
SHE AND FHE Hammad Mushtaq ENEE759L March 10, 2014 Outline Introduction Needs Analogy Somewhat Homomorphic Encryption (SHE) RSA, EL GAMAL (MULT) Pallier (XOR and ADD) Fully Homomorphic Encryption (FHE)
More informationStereo Disparity Estimation in Moment Space
Stereo Disarity Estimation in oment Sace Angeline Pang Faculty of Information Technology, ultimedia University, 63 Cyberjaya, alaysia. angeline.ang@mmu.edu.my R. ukundan Deartment of Comuter Science, University
More informationImplementation of Evolvable Fuzzy Hardware for Packet Scheduling Through Online Context Switching
Imlementation of Evolvable Fuzzy Hardware for Packet Scheduling Through Online Context Switching Ju Hui Li, eng Hiot Lim and Qi Cao School of EEE, Block S Nanyang Technological University Singaore 639798
More informationA Scalable Parallel Approach for Peptide Identification from Large-scale Mass Spectrometry Data
2009 International Conference on Parallel Processing Workshos A Scalable Parallel Aroach for Petide Identification from Large-scale Mass Sectrometry Data Gaurav Kulkarni, Ananth Kalyanaraman School of
More informationAn Indexing Framework for Structured P2P Systems
An Indexing Framework for Structured P2P Systems Adina Crainiceanu Prakash Linga Ashwin Machanavajjhala Johannes Gehrke Carl Lagoze Jayavel Shanmugasundaram Deartment of Comuter Science, Cornell University
More informationProbabilistic Visual Cryptography Schemes
The Comuter Journal Advance Access ublished December, 25 The Author 25. Published by Oxford University Press on behalf of The British Comuter Society. All rights reserved. For Permissions, lease email:
More informationOMNI: An Efficient Overlay Multicast. Infrastructure for Real-time Applications
OMNI: An Efficient Overlay Multicast Infrastructure for Real-time Alications Suman Banerjee, Christoher Kommareddy, Koushik Kar, Bobby Bhattacharjee, Samir Khuller Abstract We consider an overlay architecture
More informationJ. Parallel Distrib. Comput.
J. Parallel Distrib. Comut. 71 (2011) 288 301 Contents lists available at ScienceDirect J. Parallel Distrib. Comut. journal homeage: www.elsevier.com/locate/jdc Quality of security adatation in arallel
More informationEnsemble Learning Based on Parametric Triangular Norms
Send Orders for Rerints to rerints@benthamscience.ae The Oen Automation and Control Systems Journal, 2014, 6, 997-1003 997 Ensemble Learning Based on Parametric Triangular Norms Oen Access Pengtao Jia
More informationImproved heuristics for the single machine scheduling problem with linear early and quadratic tardy penalties
Imroved heuristics for the single machine scheduling roblem with linear early and quadratic tardy enalties Jorge M. S. Valente* LIAAD INESC Porto LA, Faculdade de Economia, Universidade do Porto Postal
More informationsearch(i): Returns an element in the data structure associated with key i
CS161 Lecture 7 inary Search Trees Scribes: Ilan Goodman, Vishnu Sundaresan (2015), Date: October 17, 2017 Virginia Williams (2016), and Wilbur Yang (2016), G. Valiant Adated From Virginia Williams lecture
More informationSEARCH ENGINE MANAGEMENT
e-issn 2455 1392 Volume 2 Issue 5, May 2016. 254 259 Scientific Journal Imact Factor : 3.468 htt://www.ijcter.com SEARCH ENGINE MANAGEMENT Abhinav Sinha Kalinga Institute of Industrial Technology, Bhubaneswar,
More informationVehicle Logo Recognition Using Modest AdaBoost and Radial Tchebichef Moments
Proceedings of 0 4th International Conference on Machine Learning and Comuting IPCSIT vol. 5 (0) (0) IACSIT Press, Singaore Vehicle Logo Recognition Using Modest AdaBoost and Radial Tchebichef Moments
More informationLecture 2: Fixed-Radius Near Neighbors and Geometric Basics
structure arises in many alications of geometry. The dual structure, called a Delaunay triangulation also has many interesting roerties. Figure 3: Voronoi diagram and Delaunay triangulation. Search: Geometric
More informationMatlab Virtual Reality Simulations for optimizations and rapid prototyping of flexible lines systems
Matlab Virtual Reality Simulations for otimizations and raid rototying of flexible lines systems VAMVU PETRE, BARBU CAMELIA, POP MARIA Deartment of Automation, Comuters, Electrical Engineering and Energetics
More informationMultipoint Filtering with Local Polynomial Approximation and Range Guidance
Multioint Filtering with Local Polynomial Aroximation and Range Guidance Xiao Tan, Changming Sun, and Tuan D. Pham The University of New South Wales, Canberra, ACT 2600, Australia CSIRO Comutational Informatics,
More informationFast Distributed Process Creation with the XMOS XS1 Architecture
Communicating Process Architectures 20 P.H. Welch et al. (Eds.) IOS Press, 20 c 20 The authors and IOS Press. All rights reserved. Fast Distributed Process Creation with the XMOS XS Architecture James
More informationCENTRAL AND PARALLEL PROJECTIONS OF REGULAR SURFACES: GEOMETRIC CONSTRUCTIONS USING 3D MODELING SOFTWARE
CENTRAL AND PARALLEL PROJECTIONS OF REGULAR SURFACES: GEOMETRIC CONSTRUCTIONS USING 3D MODELING SOFTWARE Petra Surynková Charles University in Prague, Faculty of Mathematics and Physics, Sokolovská 83,
More informationSpaceTwist: Managing the Trade-Offs Among Location Privacy, Query Performance, and Query Accuracy in Mobile Services
SaceTwist: Managing the Trade-Offs Among Location Privacy, Query Performance, and Query Accuracy in Mobile Services Man Lung Yiu, Christian S. Jensen, Xuegang Huang, Hua Lu Deartment of Comuter Science,
More informationCryptanalysis of Brenner et al. s Somewhat Homomorphic Encryption Scheme
Proceedings of the Eleventh Australasian Information Security Conference (AISC 2013), Adelaide, Australia Cryptanalysis of Brenner et al. s Somewhat Homomorphic Encryption Scheme Russell Paulet Xun Yi
More informationIntroduction to Parallel Algorithms
CS 1762 Fall, 2011 1 Introduction to Parallel Algorithms Introduction to Parallel Algorithms ECE 1762 Algorithms and Data Structures Fall Semester, 2011 1 Preliminaries Since the early 1990s, there has
More informationPatterned Wafer Segmentation
atterned Wafer Segmentation ierrick Bourgeat ab, Fabrice Meriaudeau b, Kenneth W. Tobin a, atrick Gorria b a Oak Ridge National Laboratory,.O.Box 2008, Oak Ridge, TN 37831-6011, USA b Le2i Laboratory Univ.of
More informationProcess and Measurement System Capability Analysis
Process and Measurement System aability Analysis Process caability is the uniformity of the rocess. Variability is a measure of the uniformity of outut. Assume that a rocess involves a quality characteristic
More informationA Model-Adaptable MOSFET Parameter Extraction System
A Model-Adatable MOSFET Parameter Extraction System Masaki Kondo Hidetoshi Onodera Keikichi Tamaru Deartment of Electronics Faculty of Engineering, Kyoto University Kyoto 66-1, JAPAN Tel: +81-7-73-313
More informationImproved Image Super-Resolution by Support Vector Regression
Proceedings of International Joint Conference on Neural Networks, San Jose, California, USA, July 3 August 5, 0 Imroved Image Suer-Resolution by Suort Vector Regression Le An and Bir Bhanu Abstract Suort
More informationSomewhat Homomorphic Encryption
Somewhat Homomorphic Encryption Craig Gentry and Shai Halevi June 3, 2014 China Summer School on Lattices and Cryptography Part 1: Homomorphic Encryption: Background, Applications, Limitations Computing
More informationSensitivity of multi-product two-stage economic lotsizing models and their dependency on change-over and product cost ratio s
Sensitivity two stage EOQ model 1 Sensitivity of multi-roduct two-stage economic lotsizing models and their deendency on change-over and roduct cost ratio s Frank Van den broecke, El-Houssaine Aghezzaf,
More informationI ACCEPT NO RESPONSIBILITY FOR ERRORS ON THIS SHEET. I assume that E = (V ).
1 I ACCEPT NO RESPONSIBILITY FOR ERRORS ON THIS SHEET. I assume that E = (V ). Data structures Sorting Binary heas are imlemented using a hea-ordered balanced binary tree. Binomial heas use a collection
More informationCollective communication: theory, practice, and experience
CONCURRENCY AND COMPUTATION: PRACTICE AND EXPERIENCE Concurrency Comutat.: Pract. Exer. 2007; 19:1749 1783 Published online 5 July 2007 in Wiley InterScience (www.interscience.wiley.com)..1206 Collective
More informationAutonomic Physical Database Design - From Indexing to Multidimensional Clustering
Autonomic Physical Database Design - From Indexing to Multidimensional Clustering Stehan Baumann, Kai-Uwe Sattler Databases and Information Systems Grou Technische Universität Ilmenau, Ilmenau, Germany
More informationarxiv: v1 [cs.mm] 18 Jan 2016
Lossless Intra Coding in with 3-ta Filters Saeed R. Alvar a, Fatih Kamisli a a Deartment of Electrical and Electronics Engineering, Middle East Technical University, Turkey arxiv:1601.04473v1 [cs.mm] 18
More informationEE678 Application Presentation Content Based Image Retrieval Using Wavelets
EE678 Alication Presentation Content Based Image Retrieval Using Wavelets Grou Members: Megha Pandey megha@ee. iitb.ac.in 02d07006 Gaurav Boob gb@ee.iitb.ac.in 02d07008 Abstract: We focus here on an effective
More informationFace Recognition Based on Wavelet Transform and Adaptive Local Binary Pattern
Face Recognition Based on Wavelet Transform and Adative Local Binary Pattern Abdallah Mohamed 1,2, and Roman Yamolskiy 1 1 Comuter Engineering and Comuter Science, University of Louisville, Louisville,
More informationParametric Optimization in WEDM of WC-Co Composite by Neuro-Genetic Technique
Parametric Otimization in WEDM of WC-Co Comosite by Neuro-Genetic Technique P. Saha*, P. Saha, and S. K. Pal Abstract The resent work does a multi-objective otimization in wire electro-discharge machining
More informationSubmission. Verifying Properties Using Sequential ATPG
Verifying Proerties Using Sequential ATPG Jacob A. Abraham and Vivekananda M. Vedula Comuter Engineering Research Center The University of Texas at Austin Austin, TX 78712 jaa, vivek @cerc.utexas.edu Daniel
More informationSPITFIRE: Scalable Parallel Algorithms for Test Set Partitioned Fault Simulation
To aear in IEEE VLSI Test Symosium, 1997 SITFIRE: Scalable arallel Algorithms for Test Set artitioned Fault Simulation Dili Krishnaswamy y Elizabeth M. Rudnick y Janak H. atel y rithviraj Banerjee z y
More informationDirected File Transfer Scheduling
Directed File Transfer Scheduling Weizhen Mao Deartment of Comuter Science The College of William and Mary Williamsburg, Virginia 387-8795 wm@cs.wm.edu Abstract The file transfer scheduling roblem was
More informationTools for Computing on Encrypted Data
Tools for Computing on Encrypted Data Scribe: Pratyush Mishra September 29, 2015 1 Introduction Usually when analyzing computation of encrypted data, we would like to have three properties: 1. Security:
More informationA Morphological LiDAR Points Cloud Filtering Method based on GPGPU
A Morhological LiDAR Points Cloud Filtering Method based on GPGPU Shuo Li 1, Hui Wang 1, Qiuhe Ma 1 and Xuan Zha 2 1 Zhengzhou Institute of Surveying & Maing, No.66, Longhai Middle Road, Zhengzhou, China
More informationRandomized Selection on the Hypercube 1
Randomized Selection on the Hyercube 1 Sanguthevar Rajasekaran Det. of Com. and Info. Science and Engg. University of Florida Gainesville, FL 32611 ABSTRACT In this aer we resent randomized algorithms
More informationSource-to-Source Code Generation Based on Pattern Matching and Dynamic Programming
Source-to-Source Code Generation Based on Pattern Matching and Dynamic Programming Weimin Chen, Volker Turau TR-93-047 August, 1993 Abstract This aer introduces a new technique for source-to-source code
More informationApplication of Fuzzy X S Charts for Solder Paste Thickness
Global Journal of Pure and Alied Mathematics ISSN 0973-1768 Volume 12 Number 5 (2016) 4299-4315 Research India Publications htt://wwwriublicationcom/gjamhtm Alication of Fuzzy X S Charts for Solder Paste
More information2-D Fir Filter Design And Its Applications In Removing Impulse Noise In Digital Image
-D Fir Filter Design And Its Alications In Removing Imulse Noise In Digital Image Nguyen Thi Huyen Linh 1, Luong Ngoc Minh, Tran Dinh Dung 3 1 Faculty of Electronic and Electrical Engineering, Hung Yen
More informationRTL Fast Convolution using the Mersenne Number Transform
RTL Fast Convolution using the Mersenne Number Transform Oscar N. Bria and Horacio A. Villagarcía o.bria@ieee.org CeTAD - - Argentina Abstract VHDL is a versatile high level language for the secification
More informationSignature File Hierarchies and Signature Graphs: a New Index Method for Object-Oriented Databases
Signature File Hierarchies and Signature Grahs: a New Index Method for Object-Oriented Databases Yangjun Chen* and Yibin Chen Det. of Business Comuting University of Winnieg, Manitoba, Canada R3B 2E9 ABSTRACT
More informationTexture Mapping with Vector Graphics: A Nested Mipmapping Solution
Texture Maing with Vector Grahics: A Nested Mimaing Solution Wei Zhang Yonggao Yang Song Xing Det. of Comuter Science Det. of Comuter Science Det. of Information Systems Prairie View A&M University Prairie
More information521493S Computer Graphics Exercise 3 (Chapters 6-8)
521493S Comuter Grahics Exercise 3 (Chaters 6-8) 1 Most grahics systems and APIs use the simle lighting and reflection models that we introduced for olygon rendering Describe the ways in which each of
More informationRST(0) RST(1) RST(2) RST(3) RST(4) RST(5) P4 RSR(0) RSR(1) RSR(2) RSR(3) RSR(4) RSR(5) Processor 1X2 Switch 2X1 Switch
Sub-logarithmic Deterministic Selection on Arrays with a Recongurable Otical Bus 1 Yijie Han Electronic Data Systems, Inc. 750 Tower Dr. CPS, Mail Sto 7121 Troy, MI 48098 Yi Pan Deartment of Comuter Science
More informationin Distributed Systems Department of Computer Science, Keio University into four forms according to asynchrony and real-time properties.
Asynchrony and Real-Time in Distributed Systems Mario Tokoro? and Ichiro Satoh?? Deartment of Comuter Science, Keio University 3-14-1, Hiyoshi, Kohoku-ku, Yokohama, 223, Jaan Tel: +81-45-56-115 Fax: +81-45-56-1151
More informationLecture 8: Orthogonal Range Searching
CPS234 Comutational Geometry Setember 22nd, 2005 Lecture 8: Orthogonal Range Searching Lecturer: Pankaj K. Agarwal Scribe: Mason F. Matthews 8.1 Range Searching The general roblem of range searching is
More informationMulticast in Wormhole-Switched Torus Networks using Edge-Disjoint Spanning Trees 1
Multicast in Wormhole-Switched Torus Networks using Edge-Disjoint Sanning Trees 1 Honge Wang y and Douglas M. Blough z y Myricom Inc., 325 N. Santa Anita Ave., Arcadia, CA 916, z School of Electrical and
More information10. Parallel Methods for Data Sorting
10. Parallel Methods for Data Sorting 10. Parallel Methods for Data Sorting... 1 10.1. Parallelizing Princiles... 10.. Scaling Parallel Comutations... 10.3. Bubble Sort...3 10.3.1. Sequential Algorithm...3
More informationTiling for Performance Tuning on Different Models of GPUs
Tiling for Performance Tuning on Different Models of GPUs Chang Xu Deartment of Information Engineering Zhejiang Business Technology Institute Ningbo, China colin.xu198@gmail.com Steven R. Kirk, Samantha
More informationUsing Rational Numbers and Parallel Computing to Efficiently Avoid Round-off Errors on Map Simplification
Using Rational Numbers and Parallel Comuting to Efficiently Avoid Round-off Errors on Ma Simlification Maurício G. Grui 1, Salles V. G. de Magalhães 1,2, Marcus V. A. Andrade 1, W. Randolh Franklin 2,
More informationPRO: a Model for Parallel Resource-Optimal Computation
PRO: a Model for Parallel Resource-Otimal Comutation Assefaw Hadish Gebremedhin Isabelle Guérin Lassous Jens Gustedt Jan Arne Telle Abstract We resent a new arallel comutation model that enables the design
More informationAn Efficient and Highly Accurate Technique for Periodic Planar Scanner Calibration with the Antenna Under Test in Situ
An Efficient and Highly Accurate echnique for Periodic Planar Scanner Calibration with the Antenna Under est in Situ Scott Pierce I echnologies 1125 Satellite Boulevard, Suite 100 Suwanee, Georgia 30024
More informationImproving Trust Estimates in Planning Domains with Rare Failure Events
Imroving Trust Estimates in Planning Domains with Rare Failure Events Colin M. Potts and Kurt D. Krebsbach Det. of Mathematics and Comuter Science Lawrence University Aleton, Wisconsin 54911 USA {colin.m.otts,
More informationLearning Robust Locality Preserving Projection via p-order Minimization
Proceedings of the Twenty-Ninth AAAI Conference on Artificial Intelligence Learning Robust Locality Preserving Projection via -Order Minimization Hua Wang, Feiing Nie, Heng Huang Deartment of Electrical
More informationSpace-efficient Region Filling in Raster Graphics
"The Visual Comuter: An International Journal of Comuter Grahics" (submitted July 13, 1992; revised December 7, 1992; acceted in Aril 16, 1993) Sace-efficient Region Filling in Raster Grahics Dominik Henrich
More informationSimultaneous Tracking of Multiple Objects Using Fast Level Set-Like Algorithm
Simultaneous Tracking of Multile Objects Using Fast Level Set-Like Algorithm Martin Maška, Pavel Matula, and Michal Kozubek Centre for Biomedical Image Analysis, Faculty of Informatics Masaryk University,
More informationWavelet Based Statistical Adapted Local Binary Patterns for Recognizing Avatar Faces
Wavelet Based Statistical Adated Local Binary atterns for Recognizing Avatar Faces Abdallah A. Mohamed 1, 2 and Roman V. Yamolskiy 1 1 Comuter Engineering and Comuter Science, University of Louisville,
More informationA GPU Heterogeneous Cluster Scheduling Model for Preventing Temperature Heat Island
A GPU Heterogeneous Cluster Scheduling Model for Preventing Temerature Heat Island Yun-Peng CAO 1,2,a and Hai-Feng WANG 1,2 1 School of Information Science and Engineering, Linyi University, Linyi Shandong,
More informationIdentity-sensitive Points-to Analysis for the Dynamic Behavior of JavaScript Objects
Identity-sensitive Points-to Analysis for the Dynamic Behavior of JavaScrit Objects Shiyi Wei and Barbara G. Ryder Deartment of Comuter Science, Virginia Tech, Blacksburg, VA, USA. {wei,ryder}@cs.vt.edu
More informationCollective Communication: Theory, Practice, and Experience. FLAME Working Note #22
Collective Communication: Theory, Practice, and Exerience FLAME Working Note # Ernie Chan Marcel Heimlich Avi Purkayastha Robert van de Geijn Setember, 6 Abstract We discuss the design and high-erformance
More informationAn improved algorithm for Hausdorff Voronoi diagram for non-crossing sets
An imroved algorithm for Hausdorff Voronoi diagram for non-crossing sets Frank Dehne, Anil Maheshwari and Ryan Taylor May 26, 2006 Abstract We resent an imroved algorithm for building a Hausdorff Voronoi
More informationSafetyNets: Verifiable Execution of Deep Neural Networks on an Untrusted Cloud
SafetyNets: Verifiable Execution of Dee Neural Networks on an Untrusted Cloud Zahra Ghodsi, Tianyu Gu, Siddharth Garg New York University {zg451, tg1553, sg175}@nyu.edu Abstract Inference using dee neural
More informationDetection of Occluded Face Image using Mean Based Weight Matrix and Support Vector Machine
Journal of Comuter Science 8 (7): 1184-1190, 2012 ISSN 1549-3636 2012 Science Publications Detection of Occluded Face Image using Mean Based Weight Matrix and Suort Vector Machine 1 G. Nirmala Priya and
More informationVector sigma filters for noise detection and removal in color images
J. Vis. Commun. Image R. 7 (26) 26 www.elsevier.com/locate/jvci Vector sigma filters for noise detection and removal in color images Rastislav Lukac a, *,, Bogdan Smolka b, Konstantinos N. Plataniotis
More informationA CLASS OF STRUCTURED LDPC CODES WITH LARGE GIRTH
A CLASS OF STRUCTURED LDPC CODES WITH LARGE GIRTH Jin Lu, José M. F. Moura, and Urs Niesen Deartment of Electrical and Comuter Engineering Carnegie Mellon University, Pittsburgh, PA 15213 jinlu, moura@ece.cmu.edu
More informationBrigham Young University Oregon State University. Abstract. In this paper we present a new parallel sorting algorithm which maximizes the overlap
Aeared in \Journal of Parallel and Distributed Comuting, July 1995 " Overlaing Comutations, Communications and I/O in Parallel Sorting y Mark J. Clement Michael J. Quinn Comuter Science Deartment Deartment
More informationFacial Expression Recognition using Image Processing and Neural Network
Keerti Keshav Kanchi / International Journal of Comuter Science & Engineering Technology (IJCSET) Facial Exression Recognition using Image Processing and eural etwork Keerti Keshav Kanchi PG Student, Deartment
More informationReducing Structural Bias in Technology Mapping
Reducing Structural Bias in Technology Maing S. Chatterjee A. Mishchenko R. Brayton Deartment of EECS U. C. Berkeley {satrajit, alanmi, brayton}@eecs.berkeley.edu X. Wang T. Kam Strategic CAD Labs Intel
More informationReaction Attack on Outsourced Computing with Fully Homomorphic Encryption Schemes
Reaction Attack on Outsourced Computing with Fully Homomorphic Encryption Schemes Zhenfei Zhang, Thomas Plantard, and Willy Susilo School of Computer Science & Software Engineering (SCSSE) University Of
More informationA Scalable Parallel Sorting Algorithm Using Exact Splitting
A Scalable Parallel Sorting Algorithm Using Exact Slitting Christian Siebert 1,2 and Felix Wolf 1,2,3 1 German Research School for Simulation Sciences, 52062 Aachen, Germany 2 RWTH Aachen University, Comuter
More informationA NOVEL PROTOCOL FOR INDIRECT AUTHENTICATION IN MOBILE NETWORKS BASED ON ELLIPTIC CURVE CRYPTOGRAPHY
A NOVEL PROTOCOL FOR INDIRECT AUTHENTICATION IN MOBILE NETWORKS BASED ON ELLIPTIC CURVE CRYPTOGRAPHY 1 MS.P.G.RAJESWARI, 2 DR.K.THILAGAVATHI 1 Assistant Professor, Deartment of Mathematics, V.L.B.Janakjammal
More information