Our contribution is twofold: first we describe a very compact hardware implementation of AES-128, which requires only 2400 GE. This is to the best of our knowledge the smallest implementation reported so far. Then we apply the threshold countermeasure by Nikova et al. to the AES S-box and yield an implementation of the AES improving the level of resistance
A new algebraic approach to quasi-cyclic codes is introduced. The key idea is to regard a quasi-cyclic code over a field as a linear code over an auxiliary ring. By the use of the Chinese Remainder Theorem (CRT), or of the Discrete Fourier Transform (DFT), that ring can be decomposed into a direct product of fields. That ring decomposition in turn yields a
In coding theory, self-dual codes and cyclic codes are important classes of codes which have been extensively studied. The main objects of study in this paper are self-dual cyclic codes over finite fields, i.e., the intersection of these two classes. We show that self-dual cyclic codes of length n over F_q exist if and only if n is
A provably secure countermeasure against first order side-channel attacks was proposed by Nikova et al. (P. Ning, S. Qing, N. Li (eds.) International conference in information and communications security. Lecture notes in computer science, vol. 4307, pp. 529–545, Springer, Berlin, 2006). We have implemented the lightweight block cipher PRESENT using the
The ring decomposition technique of part I is extended to the case when the factors in the direct product decomposition are no longer fields but arbitrary chain rings. This includes not only the case of quasi-cyclic codes over rings but also the case of quasi-cyclic codes over fields whose co-index is no longer prime to the characteristic of the field. A
We revisit narrow-pipe designs that are in practical use, and their security against preimage attacks. Our results are the best known preimage attacks on Tiger, MD4, and reduced SHA-2, with the result on Tiger being the first cryptanalytic shortcut attack on the full hash function. Our attacks run in time 2 for finding preimages, and 2 for
It is known that quantum error correction can be achieved using classical binary codes or additive codes over (see [2], [3], [9]). In [1] and [4], asymptotically good quantum codes from algebraic-geometry codes were constructed and, in [1], a bound on ( ) was computed from the Tsfasman–Vlăduţ–Zink bound of the theory of classical algebraic-geometry codes.
In this paper, we first construct several classes of classical Hermitian self-orthogonal maximum distance separable (MDS) codes. Through these classical codes, we are able to obtain various quantum MDS codes. It turns out that many of our quantum codes are new in the sense that the parameters of our quantum codes cannot be obtained from all previous