@article{2178,
abstract = {We consider the three-state toric homogeneous Markov chain model (THMC) without loops and initial parameters. At time T, the size of the design matrix is 6 × 3 · 2T-1 and the convex hull of its columns is the model polytope. We study the behavior of this polytope for T ≥ 3 and we show that it is defined by 24 facets for all T ≥ 5. Moreover, we give a complete description of these facets. From this, we deduce that the toric ideal associated with the design matrix is generated by binomials of degree at most 6. Our proof is based on a result due to Sturmfels, who gave a bound on the degree of the generators of a toric ideal, provided the normality of the corresponding toric variety. In our setting, we established the normality of the toric variety associated to the THMC model by studying the geometric properties of the model polytope.},
author = {Haws, David and Martin Del Campo Sanchez, Abraham and Takemura, Akimichi and Yoshida, Ruriko},
journal = {Beitrage zur Algebra und Geometrie},
number = {1},
pages = {161 -- 188},
publisher = {Springer},
title = {{Markov degree of the three-state toric homogeneous Markov chain model}},
doi = {10.1007/s13366-013-0178-y},
volume = {55},
year = {2014},
}
@article{2179,
abstract = {We extend the proof of the local semicircle law for generalized Wigner matrices given in MR3068390 to the case when the matrix of variances has an eigenvalue -1. In particular, this result provides a short proof of the optimal local Marchenko-Pastur law at the hard edge (i.e. around zero) for sample covariance matrices X*X, where the variances of the entries of X may vary.},
author = {Ajanki, Oskari H and Erdös, László and Krüger, Torben H},
journal = {Electronic Communications in Probability},
publisher = {Institute of Mathematical Statistics},
title = {{Local semicircle law with imprimitive variance matrix}},
doi = {10.1214/ECP.v19-3121},
volume = {19},
year = {2014},
}
@article{2180,
abstract = {Weighted majority votes allow one to combine the output of several classifiers or voters. MinCq is a recent algorithm for optimizing the weight of each voter based on the minimization of a theoretical bound over the risk of the vote with elegant PAC-Bayesian generalization guarantees. However, while it has demonstrated good performance when combining weak classifiers, MinCq cannot make use of the useful a priori knowledge that one may have when using a mixture of weak and strong voters. In this paper, we propose P-MinCq, an extension of MinCq that can incorporate such knowledge in the form of a constraint over the distribution of the weights, along with general proofs of convergence that stand in the sample compression setting for data-dependent voters. The approach is applied to a vote of k-NN classifiers with a specific modeling of the voters' performance. P-MinCq significantly outperforms the classic k-NN classifier, a symmetric NN and MinCq using the same voters. We show that it is also competitive with LMNN, a popular metric learning algorithm, and that combining both approaches further reduces the error.},
author = {Bellet, Aurélien and Habrard, Amaury and Morvant, Emilie and Sebban, Marc},
journal = {Machine Learning},
number = {1-2},
pages = {129 -- 154},
publisher = {Springer},
title = {{Learning a priori constrained weighted majority votes}},
doi = {10.1007/s10994-014-5462-z},
volume = {97},
year = {2014},
}
@article{2183,
abstract = {We describe a simple adaptive network of coupled chaotic maps. The network reaches a stationary state (frozen topology) for all values of the coupling parameter, although the dynamics of the maps at the nodes of the network can be nontrivial. The structure of the network shows interesting hierarchical properties and in certain parameter regions the dynamics is polysynchronous: Nodes can be divided in differently synchronized classes but, contrary to cluster synchronization, nodes in the same class need not be connected to each other. These complicated synchrony patterns have been conjectured to play roles in systems biology and circuits. The adaptive system we study describes ways whereby this behavior can evolve from undifferentiated nodes.},
author = {Botella Soler, Vicente and Glendinning, Paul},
journal = {Physical Review E Statistical Nonlinear and Soft Matter Physics},
number = {6},
publisher = {American Institute of Physics},
title = {{Hierarchy and polysynchrony in an adaptive network }},
doi = {10.1103/PhysRevE.89.062809},
volume = {89},
year = {2014},
}
@article{2184,
abstract = {Given topological spaces X,Y, a fundamental problem of algebraic topology is understanding the structure of all continuous maps X→ Y. We consider a computational version, where X,Y are given as finite simplicial complexes, and the goal is to compute [X,Y], that is, all homotopy classes of suchmaps.We solve this problem in the stable range, where for some d ≥ 2, we have dim X ≤ 2d-2 and Y is (d-1)-connected; in particular, Y can be the d-dimensional sphere Sd. The algorithm combines classical tools and ideas from homotopy theory (obstruction theory, Postnikov systems, and simplicial sets) with algorithmic tools from effective algebraic topology (locally effective simplicial sets and objects with effective homology). In contrast, [X,Y] is known to be uncomputable for general X,Y, since for X = S1 it includes a well known undecidable problem: testing triviality of the fundamental group of Y. In follow-up papers, the algorithm is shown to run in polynomial time for d fixed, and extended to other problems, such as the extension problem, where we are given a subspace A ⊂ X and a map A→ Y and ask whether it extends to a map X → Y, or computing the Z2-index-everything in the stable range. Outside the stable range, the extension problem is undecidable.},
author = {Čadek, Martin and Krcál, Marek and Matoušek, Jiří and Sergeraert, Francis and Vokřínek, Lukáš and Wagner, Uli},
journal = {Journal of the ACM},
number = {3},
publisher = {ACM},
title = {{Computing all maps into a sphere}},
doi = {10.1145/2597629},
volume = {61},
year = {2014},
}
@inproceedings{2185,
abstract = {We revisit the classical problem of converting an imperfect source of randomness into a usable cryptographic key. Assume that we have some cryptographic application P that expects a uniformly random m-bit key R and ensures that the best attack (in some complexity class) against P(R) has success probability at most δ. Our goal is to design a key-derivation function (KDF) h that converts any random source X of min-entropy k into a sufficiently "good" key h(X), guaranteeing that P(h(X)) has comparable security δ′ which is 'close' to δ. Seeded randomness extractors provide a generic way to solve this problem for all applications P, with resulting security δ′ = O(δ), provided that we start with entropy k ≥ m + 2 log (1/δ) - O(1). By a result of Radhakrishnan and Ta-Shma, this bound on k (called the "RT-bound") is also known to be tight in general. Unfortunately, in many situations the loss of 2 log (1/δ) bits of entropy is unacceptable. This motivates the study KDFs with less entropy waste by placing some restrictions on the source X or the application P. In this work we obtain the following new positive and negative results in this regard: - Efficient samplability of the source X does not help beat the RT-bound for general applications. This resolves the SRT (samplable RT) conjecture of Dachman-Soled et al. [DGKM12] in the affirmative, and also shows that the existence of computationally-secure extractors beating the RT-bound implies the existence of one-way functions. - We continue in the line of work initiated by Barak et al. [BDK+11] and construct new information-theoretic KDFs which beat the RT-bound for large but restricted classes of applications. Specifically, we design efficient KDFs that work for all unpredictability applications P (e.g., signatures, MACs, one-way functions, etc.) and can either: (1) extract all of the entropy k = m with a very modest security loss δ′ = O(δ·log (1/δ)), or alternatively, (2) achieve essentially optimal security δ′ = O(δ) with a very modest entropy loss k ≥ m + loglog (1/δ). In comparison, the best prior results from [BDK+11] for this class of applications would only guarantee δ′ = O(√δ) when k = m, and would need k ≥ m + log (1/δ) to get δ′ = O(δ). - The weaker bounds of [BDK+11] hold for a larger class of so-called "square- friendly" applications (which includes all unpredictability, but also some important indistinguishability, applications). Unfortunately, we show that these weaker bounds are tight for the larger class of applications. - We abstract out a clean, information-theoretic notion of (k,δ,δ′)- unpredictability extractors, which guarantee "induced" security δ′ for any δ-secure unpredictability application P, and characterize the parameters achievable for such unpredictability extractors. Of independent interest, we also relate this notion to the previously-known notion of (min-entropy) condensers, and improve the state-of-the-art parameters for such condensers.},
author = {Dodis, Yevgeniy and Pietrzak, Krzysztof Z and Wichs, Daniel},
editor = {Nguyen, Phong and Oswald, Elisabeth},
location = {Copenhagen, Denmark},
pages = {93 -- 110},
publisher = {Springer},
title = {{Key derivation without entropy waste}},
doi = {10.1007/978-3-642-55220-5_6},
volume = {8441},
year = {2014},
}
@article{2186,
abstract = {We prove the existence of scattering states for the defocusing cubic Gross-Pitaevskii (GP) hierarchy in ℝ3. Moreover, we show that an exponential energy growth condition commonly used in the well-posedness theory of the GP hierarchy is, in a specific sense, necessary. In fact, we prove that without the latter, there exist initial data for the focusing cubic GP hierarchy for which instantaneous blowup occurs.},
author = {Chen, Thomas and Hainzl, Christian and Pavlović, Nataša and Seiringer, Robert},
journal = {Letters in Mathematical Physics},
number = {7},
pages = {871 -- 891},
publisher = {Springer},
title = {{On the well-posedness and scattering for the Gross-Pitaevskii hierarchy via quantum de Finetti}},
doi = {10.1007/s11005-014-0693-2},
volume = {104},
year = {2014},
}
@article{2187,
abstract = {Systems should not only be correct but also robust in the sense that they behave reasonably in unexpected situations. This article addresses synthesis of robust reactive systems from temporal specifications. Existing methods allow arbitrary behavior if assumptions in the specification are violated. To overcome this, we define two robustness notions, combine them, and show how to enforce them in synthesis. The first notion applies to safety properties: If safety assumptions are violated temporarily, we require that the system recovers to normal operation with as few errors as possible. The second notion requires that, if liveness assumptions are violated, as many guarantees as possible should be fulfilled nevertheless. We present a synthesis procedure achieving this for the important class of GR(1) specifications, and establish complexity bounds. We also present an implementation of a special case of robustness, and show experimental results.},
author = {Bloem, Roderick and Chatterjee, Krishnendu and Greimel, Karin and Henzinger, Thomas A and Hofferek, Georg and Jobstmann, Barbara and Könighofer, Bettina and Könighofer, Robert},
journal = {Acta Informatica},
number = {3-4},
pages = {193 -- 220},
publisher = {Springer},
title = {{Synthesizing robust systems}},
doi = {10.1007/s00236-013-0191-5},
volume = {51},
year = {2014},
}
@article{2188,
abstract = {Although plant and animal cells use a similar core mechanism to deliver proteins to the plasma membrane, their different lifestyle, body organization and specific cell structures resulted in the acquisition of regulatory mechanisms that vary in the two kingdoms. In particular, cell polarity regulators do not seem to be conserved, because genes encoding key components are absent in plant genomes. In plants, the broad knowledge on polarity derives from the study of auxin transporters, the PIN-FORMED proteins, in the model plant Arabidopsis thaliana. In animals, much information is provided from the study of polarity in epithelial cells that exhibit basolateral and luminal apical polarities, separated by tight junctions. In this review, we summarize the similarities and differences of the polarization mechanisms between plants and animals and survey the main genetic approaches that have been used to characterize new genes involved in polarity establishment in plants, including the frequently used forward and reverse genetics screens as well as a novel chemical genetics approach that is expected to overcome the limitation of classical genetics methods.},
author = {Kania, Urszula and Fendrych, Matyas and Friml, Jiřĺ},
journal = {Open Biology},
number = {APRIL},
publisher = {Royal Society},
title = {{Polar delivery in plants; commonalities and differences to animal epithelial cells}},
doi = {10.1098/rsob.140017},
volume = {4},
year = {2014},
}
@inproceedings{2189,
abstract = {En apprentissage automatique, nous parlons d'adaptation de domaine lorsque les données de test (cibles) et d'apprentissage (sources) sont générées selon différentes distributions. Nous devons donc développer des algorithmes de classification capables de s'adapter à une nouvelle distribution, pour laquelle aucune information sur les étiquettes n'est disponible. Nous attaquons cette problématique sous l'angle de l'approche PAC-Bayésienne qui se focalise sur l'apprentissage de modèles définis comme des votes de majorité sur un ensemble de fonctions. Dans ce contexte, nous introduisons PV-MinCq une version adaptative de l'algorithme (non adaptatif) MinCq. PV-MinCq suit le principe suivant. Nous transférons les étiquettes sources aux points cibles proches pour ensuite appliquer MinCq sur l'échantillon cible ``auto-étiqueté'' (justifié par une borne théorique). Plus précisément, nous définissons un auto-étiquetage non itératif qui se focalise dans les régions où les distributions marginales source et cible sont les plus similaires. Dans un second temps, nous étudions l'influence de notre auto-étiquetage pour en déduire une procédure de validation des hyperparamètres. Finalement, notre approche montre des résultats empiriques prometteurs.},
author = {Morvant, Emilie},
location = {Saint-Etienne, France},
pages = {49--58},
publisher = {Elsevier},
title = {{Adaptation de domaine de vote de majorité par auto-étiquetage non itératif}},
volume = {1},
year = {2014},
}
@inproceedings{2190,
abstract = {We present a new algorithm to construct a (generalized) deterministic Rabin automaton for an LTL formula φ. The automaton is the product of a master automaton and an array of slave automata, one for each G-subformula of φ. The slave automaton for G ψ is in charge of recognizing whether FG ψ holds. As opposed to standard determinization procedures, the states of all our automata have a clear logical structure, which allows for various optimizations. Our construction subsumes former algorithms for fragments of LTL. Experimental results show improvement in the sizes of the resulting automata compared to existing methods.},
author = {Esparza, Javier and Kretinsky, Jan},
pages = {192 -- 208},
publisher = {Springer},
title = {{From LTL to deterministic automata: A safraless compositional approach}},
doi = {10.1007/978-3-319-08867-9_13},
volume = {8559},
year = {2014},
}
@article{2211,
abstract = {In two-player finite-state stochastic games of partial observation on graphs, in every state of the graph, the players simultaneously choose an action, and their joint actions determine a probability distribution over the successor states. The game is played for infinitely many rounds and thus the players construct an infinite path in the graph. We consider reachability objectives where the first player tries to ensure a target state to be visited almost-surely (i.e., with probability 1) or positively (i.e., with positive probability), no matter the strategy of the second player. We classify such games according to the information and to the power of randomization available to the players. On the basis of information, the game can be one-sided with either (a) player 1, or (b) player 2 having partial observation (and the other player has perfect observation), or two-sided with (c) both players having partial observation. On the basis of randomization, (a) the players may not be allowed to use randomization (pure strategies), or (b) they may choose a probability distribution over actions but the actual random choice is external and not visible to the player (actions invisible), or (c) they may use full randomization. Our main results for pure strategies are as follows: (1) For one-sided games with player 2 having perfect observation we show that (in contrast to full randomized strategies) belief-based (subset-construction based) strategies are not sufficient, and we present an exponential upper bound on memory both for almost-sure and positive winning strategies; we show that the problem of deciding the existence of almost-sure and positive winning strategies for player 1 is EXPTIME-complete and present symbolic algorithms that avoid the explicit exponential construction. (2) For one-sided games with player 1 having perfect observation we show that nonelementarymemory is both necessary and sufficient for both almost-sure and positive winning strategies. (3) We show that for the general (two-sided) case finite-memory strategies are sufficient for both positive and almost-sure winning, and at least nonelementary memory is required. We establish the equivalence of the almost-sure winning problems for pure strategies and for randomized strategies with actions invisible. Our equivalence result exhibit serious flaws in previous results of the literature: we show a nonelementary memory lower bound for almost-sure winning whereas an exponential upper bound was previously claimed.},
author = {Chatterjee, Krishnendu and Doyen, Laurent},
journal = {ACM Transactions on Computational Logic (TOCL)},
number = {2},
publisher = {ACM},
title = {{Partial-observation stochastic games: How to win when belief fails}},
doi = {10.1145/2579821},
volume = {15},
year = {2014},
}
@inproceedings{2212,
abstract = {The theory of graph games is the foundation for modeling and synthesizing reactive processes. In the synthesis of stochastic processes, we use 2 1/2-player games where some transitions of the game graph are controlled by two adversarial players, the System and the Environment, and the other transitions are determined probabilistically. We consider 2 1/2-player games where the objective of the System is the conjunction of a qualitative objective (specified as a parity condition) and a quantitative objective (specified as a mean-payoff condition). We establish that the problem of deciding whether the System can ensure that the probability to satisfy the mean-payoff parity objective is at least a given threshold is in NP ∩ coNP, matching the best known bound in the special case of 2-player games (where all transitions are deterministic). We present an algorithm running in time O(d·n2d·MeanGame) to compute the set of almost-sure winning states from which the objective can be ensured with probability 1, where n is the number of states of the game, d the number of priorities of the parity objective, and MeanGame is the complexity to compute the set of almost-sure winning states in 2 1/2-player mean-payoff games. Our results are useful in the synthesis of stochastic reactive systems with both functional requirement (given as a qualitative objective) and performance requirement (given as a quantitative objective). },
author = {Chatterjee, Krishnendu and Doyen, Laurent and Gimbert, Hugo and Oualhadj, Youssouf},
location = {Grenoble, France},
pages = {210 -- 225},
publisher = {Springer},
title = {{Perfect-information stochastic mean-payoff parity games}},
doi = {10.1007/978-3-642-54830-7_14},
volume = {8412},
year = {2014},
}
@inproceedings{2213,
abstract = {We consider two-player partial-observation stochastic games on finitestate graphs where player 1 has partial observation and player 2 has perfect observation. The winning condition we study are ε-regular conditions specified as parity objectives. The qualitative-analysis problem given a partial-observation stochastic game and a parity objective asks whether there is a strategy to ensure that the objective is satisfied with probability 1 (resp. positive probability). These qualitative-analysis problems are known to be undecidable. However in many applications the relevant question is the existence of finite-memory strategies, and the qualitative-analysis problems under finite-memory strategies was recently shown to be decidable in 2EXPTIME.We improve the complexity and show that the qualitative-analysis problems for partial-observation stochastic parity games under finite-memory strategies are EXPTIME-complete; and also establish optimal (exponential) memory bounds for finite-memory strategies required for qualitative analysis.},
author = {Chatterjee, Krishnendu and Doyen, Laurent and Nain, Sumit and Vardi, Moshe},
location = {Grenoble, France},
pages = {242 -- 257},
publisher = {Springer},
title = {{The complexity of partial-observation stochastic parity games with finite-memory strategies}},
doi = {10.1007/978-3-642-54830-7_16},
volume = {8412},
year = {2014},
}
@article{2214,
abstract = {A hallmark of immune cell trafficking is directional guidance via gradients of soluble or surface bound chemokines. Vascular endothelial cells produce, transport and deposit either their own chemokines or chemokines produced by the underlying stroma. Endothelial heparan sulfate (HS) was suggested to be a critical scaffold for these chemokine pools, but it is unclear how steep chemokine gradients are sustained between the lumenal and ablumenal aspects of blood vessels. Addressing this question by semi-quantitative immunostaining of HS moieties around blood vessels with a pan anti-HS IgM mAb, we found a striking HS enrichment in the basal lamina of resting and inflamed post capillary skin venules, as well as in high endothelial venules (HEVs) of lymph nodes. Staining of skin vessels with a glycocalyx probe further suggested that their lumenal glycocalyx contains much lower HS density than their basolateral extracellular matrix (ECM). This polarized HS pattern was observed also in isolated resting and inflamed microvascular dermal cells. Notably, progressive skin inflammation resulted in massive ECM deposition and in further HS enrichment around skin post capillary venules and their associated pericytes. Inflammation-dependent HS enrichment was not compromised in mice deficient in the main HS degrading enzyme, heparanase. Our results suggest that the blood vasculature patterns steep gradients of HS scaffolds between their lumenal and basolateral endothelial aspects, and that inflammatory processes can further enrich the HS content nearby inflamed vessels. We propose that chemokine gradients between the lumenal and ablumenal sides of vessels could be favored by these sharp HS scaffold gradients.},
author = {Stoler Barak, Liat and Moussion, Christine and Shezen, Elias and Hatzav, Miki and Sixt, Michael K and Alon, Ronen},
journal = {PLoS One},
number = {1},
publisher = {Public Library of Science},
title = {{Blood vessels pattern heparan sulfate gradients between their apical and basolateral aspects}},
doi = {10.1371/journal.pone.0085699},
volume = {9},
year = {2014},
}
@article{2215,
abstract = {Homologous recombination is crucial for genome stability and for genetic exchange. Although our knowledge of the principle steps in recombination and its machinery is well advanced, homology search, the critical step of exploring the genome for homologous sequences to enable recombination, has remained mostly enigmatic. However, recent methodological advances have provided considerable new insights into this fundamental step in recombination that can be integrated into a mechanistic model. These advances emphasize the importance of genomic proximity and nuclear organization for homology search and the critical role of homology search mediators in this process. They also aid our understanding of how homology search might lead to unwanted and potentially disease-promoting recombination events.},
author = {Renkawitz, Jörg and Lademann, Claudio and Jentsch, Stefan},
journal = {Nature Reviews Molecular Cell Biology},
number = {6},
pages = {369 -- 383},
publisher = {Nature Publishing Group},
title = {{Mechanisms and principles of homology search during recombination}},
doi = {10.1038/nrm3805},
volume = {15},
year = {2014},
}
@inproceedings{2216,
abstract = {The edit distance between two (untimed) traces is the minimum cost of a sequence of edit operations (insertion, deletion, or substitution) needed to transform one trace to the other. Edit distances have been extensively studied in the untimed setting, and form the basis for approximate matching of sequences in different domains such as coding theory, parsing, and speech recognition. In this paper, we lift the study of edit distances from untimed languages to the timed setting. We define an edit distance between timed words which incorporates both the edit distance between the untimed words and the absolute difference in time stamps. Our edit distance between two timed words is computable in polynomial time. Further, we show that the edit distance between a timed word and a timed language generated by a timed automaton, defined as the edit distance between the word and the closest word in the language, is PSPACE-complete. While computing the edit distance between two timed automata is undecidable, we show that the approximate version, where we decide if the edit distance between two timed automata is either less than a given parameter or more than δ away from the parameter, for δ > 0, can be solved in exponential space and is EXPSPACE-hard. Our definitions and techniques can be generalized to the setting of hybrid systems, and analogous decidability results hold for rectangular automata.},
author = {Chatterjee, Krishnendu and Ibsen-Jensen, Rasmus and Majumdar, Ritankar},
location = {Berlin, Germany},
pages = {303 -- 312},
publisher = {Springer},
title = {{Edit distance for timed automata}},
doi = {10.1145/2562059.2562141},
year = {2014},
}
@inproceedings{2217,
abstract = {As hybrid systems involve continuous behaviors, they should be evaluated by quantitative methods, rather than qualitative methods. In this paper we adapt a quantitative framework, called model measuring, to the hybrid systems domain. The model-measuring problem asks, given a model M and a specification, what is the maximal distance such that all models within that distance from M satisfy (or violate) the specification. A distance function on models is given as part of the input of the problem. Distances, especially related to continuous behaviors are more natural in the hybrid case than the discrete case. We are interested in distances represented by monotonic hybrid automata, a hybrid counterpart of (discrete) weighted automata, whose recognized timed languages are monotone (w.r.t. inclusion) in the values of parameters.
The contributions of this paper are twofold. First, we give sufficient conditions under which the model-measuring problem can be solved. Second, we discuss the modeling of distances and applications of the model-measuring problem.},
author = {Henzinger, Thomas A and Otop, Jan},
booktitle = {Proceedings of the 17th international conference on Hybrid systems: computation and control},
location = {Berlin, Germany},
pages = {213 -- 222},
publisher = {Springer},
title = {{Model measuring for hybrid systems}},
doi = {10.1145/2562059.2562130},
year = {2014},
}
@inproceedings{2218,
abstract = {While fixing concurrency bugs, program repair algorithms may introduce new concurrency bugs. We present an algorithm that avoids such regressions. The solution space is given by a set of program transformations we consider in the repair process. These include reordering of instructions within a thread and inserting atomic sections. The new algorithm learns a constraint on the space of candidate solutions, from both positive examples (error-free traces) and counterexamples (error traces). From each counterexample, the algorithm learns a constraint necessary to remove the errors. From each positive examples, it learns a constraint that is necessary in order to prevent the repair from turning the trace into an error trace. We implemented the algorithm and evaluated it on simplified Linux device drivers with known bugs.},
author = {Cerny, Pavol and Henzinger, Thomas A and Radhakrishna, Arjun and Ryzhyk, Leonid and Tarrach, Thorsten},
isbn = {978-331908866-2},
location = {Vienna, Austria},
pages = {568 -- 584},
publisher = {Springer},
title = {{Regression-free synthesis for concurrency}},
doi = {10.1007/978-3-319-08867-9_38},
volume = {8559},
year = {2014},
}
@inproceedings{2219,
abstract = {Recently, Döttling et al. (ASIACRYPT 2012) proposed the first chosen-ciphertext (IND-CCA) secure public-key encryption scheme from the learning parity with noise (LPN) assumption. In this work we give an alternative scheme which is conceptually simpler and more efficient. At the core of our construction is a trapdoor technique originally proposed for lattices by Micciancio and Peikert (EUROCRYPT 2012), which we adapt to the LPN setting. The main technical tool is a new double-trapdoor mechanism, together with a trapdoor switching lemma based on a computational variant of the leftover hash lemma.},
author = {Kiltz, Eike and Masny, Daniel and Pietrzak, Krzysztof Z},
isbn = {978-364254630-3},
pages = {1 -- 18},
publisher = {Springer},
title = {{Simple chosen-ciphertext security from low noise LPN}},
doi = {10.1007/978-3-642-54631-0_1},
volume = {8383},
year = {2014},
}