Analysis of Bernstein's Factorization Circuit
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Fast Software Encryption
Pushing the limits of one-time signatures
Proceedings of the 2nd international conference on Security of information and networks
Improved Generic Algorithms for 3-Collisions
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Collisions for 70-step SHA-1: on the full cost of collision search
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
On the effectiveness of TMTO and exhaustive search attacks
IWSEC'06 Proceedings of the 1st international conference on Security
The first 30 years of cryptographic hash functions and the NIST SHA-3 competition
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Hi-index | 0.00 |
An open question about the asymptotic cost of connecting many processors to a large memory using three dimensions for wiring is answered, and this result is used to find the full cost of several cryptanalytic attacks. In many cases this full cost is higher than the accepted complexity of a given algorithm based on the number of processor steps. The full costs of several cryptanalytic attacks are determined, including Shanks’ method for computing discrete logarithms in cyclic groups of prime order n, which requires n1/2+o(1) processor steps, but, when all factors are taken into account, has full cost n2/3+o(1). Other attacks analyzed are factoring with the number field sieve, generic attacks on block ciphers, attacks on double and triple encryption, and finding hash collisions. In many cases parallel collision search gives a significant asymptotic advantage over well-known generic attacks.