Generalized Elias Schemes for Efficient
Harvesting of Truly Random Bits
Riccardo Bernardini and Roberto Rinaldo
University of Udine
riccardo.bernardini@uniud.it, rinaldo@uniud.it
http://link.springer.com/article/10.1007/s10207-016-0358-5
DOI: 10.1007/s10207-016-0358-5
Int. J. Inf. Secur. (2017), Springer
2 January 2017
Outline
• Why true random numbers?
• Why Poisson sources?
• What is a (Generalized) Elias Scheme?
• Elias for Poisson
• Conclusions
DIEGM University of Udine
Why true random numbers?
Why random numbers?
• Widely used in cryptography
– Challenges
– Keys (temporary & long-term)
– Prime numbers
• Critical requirement: true unpredictability
• Usual generators not good enough
– Cryptographically strong PRNG
– They need truly random seed
Example: Prime number generation
Uniformly distributed
How many bits?
• # primes less than $N$ ≈ $\frac{N}{\ln N}$
(# of expected iterations) × (# of bit/iteration) = total # of bit required:
$\ln(2^b) \times (b - 1) = O(b^2)$
• For two 1024-bit primes we need ≈ $1.4 \cdot 10^6$ random bits
• /dev/random generates ≈ 300 bit/s
$\frac{1.4 \cdot 10^6\ \text{bit}}{300\ \text{bit/s}} = 4800\ \text{s} \approx$ 1h 20m
Why Poisson sources?
Why?
• Very common
– Radioactive decay
– Photon arrivals on a photodiode
– Shot noise
– . . .
Sampling a Poisson source
n = Interarrival time modulo $2^M$ (in units of $\Delta$)
$P[n = k] = C \cdot p^k$, $k \in [0, 2^M - 1]$: geometric, but finite
Performance
# bit/s ≈ $\lambda \log_2 e - \lambda \log_2(\lambda\Delta)$, with $\lambda$ = intensity, $M \to \infty$
[Figure: rate (bit/event) versus M. Labels: "H(N) (bits)", "$-\log_2(\lambda\Delta)$", "Approximation", "True entropy"; annotation: "Eaten by the mod..."]
DIEGM University of Udine
Generalized Elias Schemes for Efficient Harvesting of Truly Random Bits
However. . .
• Samples not uniform
$P[n = k] = \begin{cases} C \cdot p^k & k \in \{0, 1, \dots, 2^M - 1\} \\ 0 & \text{else} \end{cases}$
• We need to extract a sequence of iid bits
• Note
– We can rely on the Poisson hypothesis
– We cannot rely on the exact value of p
(Generalized) Elias Schemes
The conditioning problem
• A random process $\{X_k\}_{k \in \mathbb{N}}$ with alphabet $A$
• Variables $X_k$ iid, but probabilities $P[X_k = a]$ not exactly known
• We want to map $\{X_k\}_{k \in \mathbb{N}}$ into a sequence $\{B_k\}_{k \in \mathbb{N}}$ of unbiased, iid bits
Blockwise conditioner
• A map
$f : A^L \to \{0, 1\}^*$ (the set of all finite bitstrings)
• Output process
$\underbrace{f(X_1, \dots, X_L)}_{S_1} \;\&\; \underbrace{f(X_{L+1}, \dots, X_{2L})}_{S_2} \;\&\; \underbrace{f(X_{2L+1}, \dots, X_{3L})}_{S_3} \;\&\; \cdots$
Note: the length of the bitstrings $S_n$ may vary (it can even be zero)
• Output process iid and unbiased. Moreover, we would like
Output rate = $\frac{E[|f(X_1, \dots, X_L)|]}{L} \approx H(X)$
Von Neumann
• Blocksize = 2. Binary input $A = \{0, 1\}$.
$X_{2n}$   $X_{2n+1}$   $b_n = f(X_{2n}, X_{2n+1})$
0          0            φ
0          1            0
1          0            1
1          1            φ
iid ⇒ $P[(X_{2n}, X_{2n+1}) = (0, 1)] = P[(X_{2n}, X_{2n+1}) = (1, 0)]$
⇒ $P[b_n = 0] = P[b_n = 1]$
• Requires only iid
• Not efficient
Elias
Use larger blocks & exploit iid
Use “binary expansion” of isoprobability sets
Generalized Elias
First (and key) step: Partition $A^L$ in isoprobability sets $W_i$
• In Elias: isoprobability set = permutation class
• In Generalized Elias: isoprobability set = chosen by “user”
Second step: Split $W_i$ into sets whose cardinality is a power of two
Properties
• The partition of a GES is coarser than the partition of Elias
• If only iid is assumed, Elias is the only possibility
GES Performance
⇒ We can buy performance with generality ⇐
GES for Poisson
Geometric variables
• If $X_k$ are obtained by M-bit sampling a Poisson process
$P[X_k = n] = C \cdot p^n$, $n \in \{0, \dots, 2^M - 1\}$
We do not know the exact value of $p$
• Note that
$P[X_1 = n_1, \dots, X_L = n_L] = C^L \cdot p^{\sum_k n_k}$
depends only on $\sum_k n_k$
Isoprobability = Isosum
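The two GES steps and the iso-sum choice above, as an added Python example (not code from the slides or the paper): it builds the block-to-bitstring table for classic Elias (permutation classes) and for iso-sum classes, then checks unbiasedness and output rate with exact arithmetic. The function names, the toy parameters M = 2 and L = 4, the values of p and the skewed pmf are constructed for illustration.

```python
from collections import defaultdict
from fractions import Fraction
from itertools import product
from math import log2, prod


def partition(alphabet_size, L, class_key):
    """Step 1: group the blocks of A^L into isoprobability sets W_i."""
    classes = defaultdict(list)
    for block in product(range(alphabet_size), repeat=L):
        classes[class_key(block)].append(block)  # lexicographic order kept
    return classes


def build_conditioner(alphabet_size, L, class_key):
    """Step 2: split each W_i into chunks of size 2^k; return {block: bits}."""
    table = {}
    for members in partition(alphabet_size, L, class_key).values():
        start, size = 0, len(members)
        for k in range(size.bit_length() - 1, -1, -1):
            if size & (1 << k):  # one chunk per 1-bit in the expansion of |W_i|
                for idx in range(1 << k):
                    # idx-th block of a 2^k chunk emits idx written on k bits
                    bits = format(idx, "b").zfill(k) if k else ""
                    table[members[start + idx]] = bits
                start += 1 << k
    return table


def elias_key(block):
    """Classic Elias: permutation class, equiprobable under iid alone."""
    return tuple(sorted(block))


def isosum_key(block):
    """Iso-sum class, equiprobable when P[X = n] = C * p^n."""
    return sum(block)


def geometric_pmf(p, alphabet_size):
    """Truncated geometric pmf C * p^n for n in 0 .. alphabet_size - 1."""
    weights = [p ** n for n in range(alphabet_size)]
    return [w / sum(weights) for w in weights]


def block_probability(block, pmf):
    """Probability of a block of iid symbols."""
    return prod(pmf[x] for x in block)


def output_rate(table, pmf, L):
    """Expected output bits per input symbol, E[|f(X_1..X_L)|] / L."""
    return sum(block_probability(b, pmf) * len(s) for b, s in table.items()) / L


def is_unbiased(table, pmf):
    """True if, for every output length k, all 2^k strings are equally likely."""
    mass = defaultdict(Fraction)
    for block, bits in table.items():
        mass[bits] += block_probability(block, pmf)
    for k in {len(bits) for bits in mass}:
        probs = [m for bits, m in mass.items() if len(bits) == k]
        if len(probs) != 2 ** k or len(set(probs)) != 1:
            return False
    return True


def entropy(pmf):
    """Entropy H(X) in bits per symbol."""
    return -sum(float(q) * log2(float(q)) for q in pmf if q)


if __name__ == "__main__":
    M, L = 2, 4  # constructed toy parameters: alphabet size 2^M = 4
    A = 2 ** M
    elias = build_conditioner(A, L, elias_key)
    isosum = build_conditioner(A, L, isosum_key)
    print("classes:", len(partition(A, L, elias_key)),
          "vs", len(partition(A, L, isosum_key)))
    for p in (Fraction(1, 2), Fraction(9, 10)):  # same tables, different p
        pmf = geometric_pmf(p, A)
        print(f"p={p}: H={entropy(pmf):.3f}",
              f"Elias={float(output_rate(elias, pmf, L)):.3f}",
              f"isosum={float(output_rate(isosum, pmf, L)):.3f}",
              "unbiased:", is_unbiased(elias, pmf), is_unbiased(isosum, pmf))
    # Constructed non-geometric iid source: iso-sum sets are no longer
    # isoprobability sets, so only the permutation-class table stays unbiased.
    skewed = [Fraction(1, 2), Fraction(1, 8), Fraction(1, 8), Fraction(1, 4)]
    print("skewed:", is_unbiased(elias, skewed), is_unbiased(isosum, skewed))
```

The tables never take p as input, which is the point of the scheme: the iso-sum table is unbiased for any p as long as the geometric hypothesis holds, and loses that guarantee when it does not.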
Why?
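• Partition sizes
$P^{\mathrm{Elias}}_L = \binom{2^M + L - 1}{L} \gtrapprox \left(\frac{2^M}{L}\right)^L$, $P^{\mathrm{Geom}}_L = L 2^M$
• Example, M = 16, L = 128, [H( )/L ≤ 0.25]
$P^{\mathrm{Elias}}_L \approx 2.8 \cdot 10^{42}$, $P^{\mathrm{Geom}}_L = 8192$
$\frac{\log_2 P^{\mathrm{Elias}}_L}{L} \approx 4.4$, $\frac{\log_2 P^{\mathrm{Geom}}_L}{L} \approx 0.4$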
Experimental Results
[Figure: two panels, $2^M = 16$ and $2^M = 64$; bit/symbol versus block size (2 to 10); legend: Elias, Proposed, no mod, mod M]
p = 0.1, H(geometric) = 4.69
The Gaussian case
Extension to continuous r.v.
The idea of isoprobability sets can be extended to the case of continuous random variables
1. Collect the variables in vectors of length L
2. Partition $\mathbb{R}^L$ with a vector quantizer
3. Collect the decision regions of the vector quantizer into iso-probability sets
4. Use the iso-probability sets like in the discrete case
Example: Gaussian variables
• If $X_i$, $i = 1, \dots, L$ are Gaussian iid, the joint pdf depends only on
$X_1^2 + X_2^2 + \cdots + X_L^2 = r^2$
• This suggests the following approach
1. Partition the space in spherical shells
$S_k = \{x \in \mathbb{R}^L : r_{k-1} \le \|x\| < r_k\}$
2. Partition the unit sphere in iso-area sections $U_j$
3. Define the $(k, j)$-th decision region $V_{k,j}$ as (see next slide)
$V_{k,j} = \{x : x \in S_k,\ x/\|x\| \in U_j\}$
4. Note that $P[X \in V_{k,j}]$ depends only on $k$
5. The $k$-th iso-probability set is $\cup_j V_{k,j}$
Example of partitioning in Gaussian case
Toward the end. . .
Conclusions
• A blockwise conditioner for Poisson processes has been presented
• The proposed conditioner is a GES that uses iso-sum sets as iso-probability sets
– The size of the resulting partition is orders of magnitude smaller than the Elias partition
– The proposed scheme is much more efficient than classic Elias
 
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night StandCall Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering  Unit - I & II . pptThermal Engineering  Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 

Generalized Elias Schemes for Truly Random Bits

  • 1. Generalized Elias Schemes for Efficient Harvesting of Truly Random Bits. Riccardo Bernardini and Roberto Rinaldo, University of Udine (riccardo.bernardini@uniud.it, rinaldo@uniud.it). http://link.springer.com/article/10.1007/s10207-016-0358-5, DOI: 10.1007/s10207-016-0358-5, Int. J. Inf. Secur. (2017), Springer. 2 January 2017
  • 2. Outline
      • Why true random numbers?
      • Why Poisson sources?
      • What is a (Generalized) Elias Scheme?
      • Elias for Poisson
      • Conclusions
  • 3. Why true random numbers?
  • 4. Why random numbers?
      • Widely used in cryptography
          – Challenges
          – Keys (temporary & long-term)
          – Prime numbers
      • Critical requirement: true unpredictability
      • Usual generators not good enough
          – Cryptographically strong PRNG
          – They need a truly random seed
  • 5. Example: Prime number generation (figure; label: "Uniformly distributed")
  • 6. How many bits?
      • # primes less than $N$: $\approx \dfrac{N}{\ln N}$
        (# of expected iterations: $\ln(2^b)$) × (# of bit/iteration: $b - 1$) = total # of bit required: $O(b^2)$
      • For two 1024-bit primes we need $\approx 1.4 \cdot 10^6$ random bits
      • /dev/random generates ≈ 300 bit/s:
        $\dfrac{1.4 \cdot 10^6\ \text{bit}}{300\ \text{bit/s}} = 4800\ \text{s} \approx 1\,\text{h}\ 20\,\text{m}$
  • 8. Why?
      • Very common
          – Radioactive decay
          – Photon arrivals on a photodiode
          – Shot noise
          – . . .
  • 9. Sampling a Poisson source
      $n$ = interarrival time modulo $2^M$ (in units of $\Delta$)
      $P[n = k] = C \cdot p^k, \quad k \in [0, 2^M - 1]$: geometric, but finite
  • 10. Performance
      # bit/s $\approx \lambda \log_2 e - \lambda \log_2(\lambda\Delta)$, where $\lambda$ = intensity, $M \to \infty$
      [Figure: rate (bit/event); axes $-\log_2(\lambda\Delta)$ and $H(N)$ (bits); curves: approximation, true entropy; annotation: "Eaten by the mod..." ($M$)]
  • 11. However. . .
      • Samples not uniform:
        $P[n = k] = \begin{cases} C \cdot p^k & k \in \{0, 1, \dots, 2^M - 1\} \\ 0 & \text{else} \end{cases}$
      • We need to extract a sequence of iid bits
      • Note
          – We can rely on the Poisson hypothesis
          – We cannot rely on the exact value of $p$
  • 13. The conditioning problem
      • A random process $\{X_k\}_{k \in \mathbb{N}}$ with alphabet $A$
      • Variables $X_k$ iid, but probabilities $P[X_k = a]$ not exactly known
      • We want to map $\{X_k\}_{k \in \mathbb{N}}$ into a sequence $\{B_k\}_{k \in \mathbb{N}}$ of unbiased, iid bits
  • 14. Blockwise conditioner
      • A map $f : A^L \to \{0, 1\}^*$, where $\{0, 1\}^*$ is the set of all finite bitstrings
      • Output process:
        $\underbrace{f(X_1, \dots, X_L)}_{S_1} \,\&\, \underbrace{f(X_{L+1}, \dots, X_{2L})}_{S_2} \,\&\, \underbrace{f(X_{2L+1}, \dots, X_{3L})}_{S_3} \,\&\, \cdots$
        Note: the length of the bitstrings $S_n$ may vary (it can even be zero)
      • Output process iid and unbiased. Moreover, we would like
        $\text{Output rate} = \dfrac{E[|f(X_1, \dots, X_L)|]}{L} \approx H(X)$
  • 15. Von Neumann
      • Blocksize = 2. Binary input $A = \{0, 1\}$.

        $X_{2n}$   $X_{2n+1}$   $b_n = f(X_{2n}, X_{2n+1})$
          0         0          φ
          0         1          0
          1         0          1
          1         1          φ

        iid $\Rightarrow P[(X_{2n}, X_{2n+1}) = (0, 1)] = P[(X_{2n}, X_{2n+1}) = (1, 0)] \Rightarrow P[b_n = 0] = P[b_n = 1]$
      • Requires only iid
      • Not efficient
  • 16. Elias
      • Use larger blocks & exploit iid
      • Use “binary expansion” of isoprobability sets
  • 17. Generalized Elias
      First (and key) step: partition $A^L$ in isoprobability sets $W_i$
      • In Elias: isoprobability set = permutation class
      • In Generalized Elias: isoprobability set = chosen by “user”
      Second step: split $W_i$ into sets whose cardinality is a power of two
      Properties
      • The partition of a GES is coarser than the partition of Elias
      • If only iid is assumed, Elias is the only possibility
  • 18. GES Performance: ⇒ We can buy performance with generality ⇐
  • 20. Geometric variables
      • If $X_k$ are obtained by $M$-bit sampling a Poisson process:
        $P[X_k = n] = C \cdot p^n, \quad n \in \{0, \dots, 2^M - 1\}$
        We do not know the exact value of $p$
      • Note that
        $P[X_1 = n_1, \dots, X_L = n_L] = C^L \cdot p^{\sum_k n_k}$
        depends only on $\sum_k n_k$
      Isoprobability = Isosum
  • 21. Why?
      • Partition sizes:
        $P_L^{\text{Elias}} = \dbinom{2^M + L - 1}{L} \gtrsim \left(\dfrac{2^M}{L}\right)^L \qquad P_L^{\text{Geom}} = L\,2^M$
      • Example, $M = 16$, $L = 128$, [H( )/L ≤ 0.25]:
        $P_L^{\text{Elias}} \approx 2.8 \cdot 10^{42} \qquad P_L^{\text{Geom}} = 8192$
        $\dfrac{\log_2 P_L^{\text{Elias}}}{L} \approx 4.4 \qquad \dfrac{\log_2 P_L^{\text{Geom}}}{L} \approx 0.4$
  • 22. Experimental Results
      [Figure: two panels, $2^M = 16$ and $2^M = 64$; x axis: block size; y axis: bit/symbol; legend: Elias, Proposed, no mod, mod M]
      $p = 0.1$, $H(\text{geometric}) = 4.69$
  • 24. Extension to continuous r.v.
      The idea of isoprobability sets can be extended to the case of continuous random variables
      1. Collect the variables in vectors of length $L$
      2. Partition $\mathbb{R}^L$ with a vector quantizer
      3. Collect the decision regions of the vector quantizer into iso-probability sets
      4. Use the iso-probability sets like in the discrete case
  • 25. Example: Gaussian variables
      • If $X_i$, $i = 1, \dots, L$ are Gaussian iid, the joint pdf depends only on
        $X_1^2 + X_2^2 + \cdots + X_L^2 = r^2$
      • This suggests the following approach
        1. Partition the space in spherical shells $S_k = \{x \in \mathbb{R}^L : r_{k-1} \le \|x\| < r_k\}$
        2. Partition the unit sphere in iso-area sections $U_j$
        3. Define the $(k, j)$-th decision region $V_{k,j}$ as (see next slide) $V_{k,j} = \{x : x \in S_k,\ x/\|x\| \in U_j\}$
        4. Note that $P[X \in V_{k,j}]$ depends only on $k$
        5. The $k$-th iso-probability set is $\cup_j V_{k,j}$
  • 26. Example of partitioning in Gaussian case (figure)
  • 28. Conclusions
      • A blockwise conditioner for Poisson processes has been presented
      • The proposed conditioner is a GES that uses iso-sum sets as iso-probability sets
          – The size of the resulting partition is orders of magnitude smaller than the Elias partition
          – The proposed scheme is much more efficient than classic Elias
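
The two GES steps from slides 17 and 20 (iso-sum sets, then the split into power-of-two subsets), as an added Python example that is not the authors' code. The function names and the lexicographic ordering inside each iso-sum set are assumptions made here; with M = 1 and L = 2 the same code reproduces the Von Neumann table of slide 15.

```python
from functools import lru_cache
from itertools import product

@lru_cache(maxsize=None)
def count(length, total, n):
    """Number of tuples in {0..n-1}^length whose entries sum to `total`."""
    if total < 0:
        return 0
    if length == 0:
        return int(total == 0)
    return sum(count(length - 1, total - v, n) for v in range(n))

def rank_in_isosum(block, n):
    """Lexicographic index of `block` inside its iso-sum set (assumed ordering)."""
    rank, remaining = 0, sum(block)
    for i, x in enumerate(block):
        rest = len(block) - i - 1
        # Blocks with the same prefix and a smaller symbol here come first.
        rank += sum(count(rest, remaining - v, n) for v in range(x))
        remaining -= x
    return rank

def elias_bits(rank, size):
    """Second step: split `size` equiprobable items into subsets whose
    cardinality is a power of two; emit the k-bit index inside the subset."""
    for k in range(size.bit_length() - 1, -1, -1):
        if (size >> k) & 1:
            if rank < (1 << k):
                return format(rank, "b").zfill(k) if k else ""
            rank -= 1 << k
    raise ValueError("rank must be smaller than size")

def ges_isosum(block, M):
    """Blockwise conditioner f: a block of M-bit samples -> finite bitstring."""
    n = 1 << M
    return elias_bits(rank_in_isosum(block, n), count(len(block), sum(block), n))

def outputs_by_sum(M, L):
    """Exhaustively group the outputs of all blocks by iso-sum set."""
    groups = {}
    for block in product(range(1 << M), repeat=L):
        groups.setdefault(sum(block), []).append(ges_isosum(block, M))
    return groups

if __name__ == "__main__":
    # M = 1, L = 2: binary input, block size 2 (the Von Neumann case).
    for b in product(range(2), repeat=2):
        print(b, repr(ges_isosum(b, 1)))
```

Inside one iso-sum set every block has the same probability whatever the value of p, so the output is unbiased as long as each k-bit string is produced by exactly one block of the set; `outputs_by_sum` lets that be checked exhaustively for small M and L.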