---
_id: '3250'
abstract:
- lang: eng
text: The Learning Parity with Noise (LPN) problem has recently found many applications
in cryptography as the hardness assumption underlying the constructions of "provably
secure" cryptographic schemes like encryption or authentication protocols.
Being provably secure means that the scheme comes with a proof showing that the
existence of an efficient adversary against the scheme implies that the underlying
hardness assumption is wrong. LPN based schemes are appealing for theoretical
and practical reasons. On the theoretical side, LPN based schemes offer a very
strong security guarantee. The LPN problem is equivalent to the problem of decoding
random linear codes, a problem that has been extensively studied in the last half
century. The fastest known algorithms run in exponential time and unlike most
number-theoretic problems used in cryptography, the LPN problem does not succumb
to known quantum algorithms. On the practical side, LPN based schemes are often
extremely simple and efficient in terms of code-size as well as time and space
requirements. This makes them prime candidates for light-weight devices like RFID
tags, which are too weak to implement standard cryptographic primitives like the
AES block-cipher. This talk will be a gentle introduction to provable security
using simple LPN based schemes as examples. Starting from pseudorandom generators
and symmetric key encryption, over secret-key authentication protocols, and, if
time admits, touching on recent constructions of public-key identification, commitments
and zero-knowledge proofs.
alternative_title:
- LNCS
author:
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Pietrzak KZ. Cryptography from learning parity with noise. In: Vol 7147. Springer;
2012:99-114. doi:10.1007/978-3-642-27660-6_9'
apa: 'Pietrzak, K. Z. (2012). Cryptography from learning parity with noise (Vol.
7147, pp. 99–114). Presented at the SOFSEM: Current Trends in Theory and Practice
of Computer Science, Špindlerův Mlýn, Czech Republic: Springer. https://doi.org/10.1007/978-3-642-27660-6_9'
chicago: Pietrzak, Krzysztof Z. “Cryptography from Learning Parity with Noise,”
7147:99–114. Springer, 2012. https://doi.org/10.1007/978-3-642-27660-6_9.
ieee: 'K. Z. Pietrzak, “Cryptography from learning parity with noise,” presented
at the SOFSEM: Current Trends in Theory and Practice of Computer Science, Špindlerův
Mlýn, Czech Republic, 2012, vol. 7147, pp. 99–114.'
ista: 'Pietrzak KZ. 2012. Cryptography from learning parity with noise. SOFSEM:
Current Trends in Theory and Practice of Computer Science, LNCS, vol. 7147, 99–114.'
mla: Pietrzak, Krzysztof Z. Cryptography from Learning Parity with Noise.
Vol. 7147, Springer, 2012, pp. 99–114, doi:10.1007/978-3-642-27660-6_9.
short: K.Z. Pietrzak, in:, Springer, 2012, pp. 99–114.
conference:
end_date: 2012-01-27
location: Špindlerův Mlýn, Czech Republic
name: 'SOFSEM: Current Trends in Theory and Practice of Computer Science'
start_date: 2012-01-21
date_created: 2018-12-11T12:02:15Z
date_published: 2012-02-19T00:00:00Z
date_updated: 2021-01-12T07:42:07Z
day: '19'
department:
- _id: KrPi
doi: 10.1007/978-3-642-27660-6_9
intvolume: ' 7147'
language:
- iso: eng
month: '02'
oa_version: None
page: 99 - 114
publication_status: published
publisher: Springer
publist_id: '3407'
quality_controlled: '1'
scopus_import: 1
status: public
title: Cryptography from learning parity with noise
type: conference
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 7147
year: '2012'
...
---
_id: '3256'
abstract:
- lang: eng
text: We use a distortion to define the dual complex of a cubical subdivision of
ℝ n as an n-dimensional subcomplex of the nerve of the set of n-cubes. Motivated
by the topological analysis of high-dimensional digital image data, we consider
such subdivisions defined by generalizations of quad- and oct-trees to n dimensions.
Assuming the subdivision is balanced, we show that mapping each vertex to the
center of the corresponding n-cube gives a geometric realization of the dual complex
in ℝ n.
acknowledgement: This research is partially supported by the Defense Advanced Research
Projects Agency (DARPA) under grants HR0011-05-1-0057 and HR0011-09-0065 as well
as the National Science Foundation (NSF) under grant DBI-0820624.
author:
- first_name: Herbert
full_name: Edelsbrunner, Herbert
id: 3FB178DA-F248-11E8-B48F-1D18A9856A87
last_name: Edelsbrunner
orcid: 0000-0002-9823-6833
- first_name: Michael
full_name: Kerber, Michael
id: 36E4574A-F248-11E8-B48F-1D18A9856A87
last_name: Kerber
orcid: 0000-0002-8030-9299
citation:
ama: Edelsbrunner H, Kerber M. Dual complexes of cubical subdivisions of ℝn. Discrete
& Computational Geometry. 2012;47(2):393-414. doi:10.1007/s00454-011-9382-4
apa: Edelsbrunner, H., & Kerber, M. (2012). Dual complexes of cubical subdivisions
of ℝn. Discrete & Computational Geometry. Springer. https://doi.org/10.1007/s00454-011-9382-4
chicago: Edelsbrunner, Herbert, and Michael Kerber. “Dual Complexes of Cubical Subdivisions
of ℝn.” Discrete & Computational Geometry. Springer, 2012. https://doi.org/10.1007/s00454-011-9382-4.
ieee: H. Edelsbrunner and M. Kerber, “Dual complexes of cubical subdivisions of
ℝn,” Discrete & Computational Geometry, vol. 47, no. 2. Springer, pp.
393–414, 2012.
ista: Edelsbrunner H, Kerber M. 2012. Dual complexes of cubical subdivisions of
ℝn. Discrete & Computational Geometry. 47(2), 393–414.
mla: Edelsbrunner, Herbert, and Michael Kerber. “Dual Complexes of Cubical Subdivisions
of ℝn.” Discrete & Computational Geometry, vol. 47, no. 2, Springer,
2012, pp. 393–414, doi:10.1007/s00454-011-9382-4.
short: H. Edelsbrunner, M. Kerber, Discrete & Computational Geometry 47 (2012)
393–414.
date_created: 2018-12-11T12:02:17Z
date_published: 2012-03-01T00:00:00Z
date_updated: 2021-01-12T07:42:10Z
day: '01'
ddc:
- '000'
department:
- _id: HeEd
doi: 10.1007/s00454-011-9382-4
file:
- access_level: open_access
checksum: 76486f3b2c9e7fd81342f3832ca387e7
content_type: application/pdf
creator: system
date_created: 2018-12-12T10:08:15Z
date_updated: 2020-07-14T12:46:05Z
file_id: '4675'
file_name: IST-2016-543-v1+1_2012-J-08-HierarchyCubeComplex.pdf
file_size: 203636
relation: main_file
file_date_updated: 2020-07-14T12:46:05Z
has_accepted_license: '1'
intvolume: ' 47'
issue: '2'
language:
- iso: eng
month: '03'
oa: 1
oa_version: Submitted Version
page: 393 - 414
publication: Discrete & Computational Geometry
publication_status: published
publisher: Springer
publist_id: '3398'
pubrep_id: '543'
quality_controlled: '1'
scopus_import: 1
status: public
title: Dual complexes of cubical subdivisions of ℝn
type: journal_article
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 47
year: '2012'
...
---
_id: '3254'
abstract:
- lang: eng
text: 'The theory of graph games with ω-regular winning conditions is the foundation
for modeling and synthesizing reactive processes. In the case of stochastic reactive
processes, the corresponding stochastic graph games have three players, two of
them (System and Environment) behaving adversarially, and the third (Uncertainty)
behaving probabilistically. We consider two problems for stochastic graph games:
the qualitative problem asks for the set of states from which a player can win
with probability 1 (almost-sure winning); and the quantitative problem asks for
the maximal probability of winning (optimal winning) from each state. We consider
ω-regular winning conditions formalized as Müller winning conditions. We present
optimal memory bounds for pure (deterministic) almost-sure winning and optimal
winning strategies in stochastic graph games with Müller winning conditions. We
also study the complexity of stochastic Müller games and show that both the qualitative
and quantitative analysis problems are PSPACE-complete. Our results are relevant
in synthesis of stochastic reactive processes.'
acknowledgement: 'The research was supported by Austrian Science Fund (FWF) Grant
No. P 23499-N23, FWF NFN Grant No. S11407-N23 (RiSE), ERC Start grant (279307: Graph
Games), and Microsoft faculty fellows award.'
author:
- first_name: Krishnendu
full_name: Chatterjee, Krishnendu
id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87
last_name: Chatterjee
orcid: 0000-0002-4561-241X
citation:
ama: Chatterjee K. The complexity of stochastic Müller games. Information and
Computation. 2012;211:29-48. doi:10.1016/j.ic.2011.11.004
apa: Chatterjee, K. (2012). The complexity of stochastic Müller games. Information
and Computation. Elsevier. https://doi.org/10.1016/j.ic.2011.11.004
chicago: Chatterjee, Krishnendu. “The Complexity of Stochastic Müller Games.” Information
and Computation. Elsevier, 2012. https://doi.org/10.1016/j.ic.2011.11.004.
ieee: K. Chatterjee, “The complexity of stochastic Müller games,” Information
and Computation, vol. 211. Elsevier, pp. 29–48, 2012.
ista: Chatterjee K. 2012. The complexity of stochastic Müller games. Information
and Computation. 211, 29–48.
mla: Chatterjee, Krishnendu. “The Complexity of Stochastic Müller Games.” Information
and Computation, vol. 211, Elsevier, 2012, pp. 29–48, doi:10.1016/j.ic.2011.11.004.
short: K. Chatterjee, Information and Computation 211 (2012) 29–48.
date_created: 2018-12-11T12:02:17Z
date_published: 2012-02-01T00:00:00Z
date_updated: 2021-01-12T07:42:09Z
day: '01'
department:
- _id: KrCh
doi: 10.1016/j.ic.2011.11.004
ec_funded: 1
intvolume: ' 211'
language:
- iso: eng
main_file_link:
- url: http://arise.or.at/pubpdf/The_complexity_of_stochastic_M___u_ller_games.pdf
month: '02'
oa_version: None
page: 29 - 48
project:
- _id: 2584A770-B435-11E9-9278-68D0E5697425
call_identifier: FWF
grant_number: P 23499-N23
name: Modern Graph Algorithmic Techniques in Formal Verification
- _id: 25832EC2-B435-11E9-9278-68D0E5697425
call_identifier: FWF
grant_number: S 11407_N23
name: Rigorous Systems Engineering
- _id: 2581B60A-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '279307'
name: 'Quantitative Graph Games: Theory and Applications'
- _id: 2587B514-B435-11E9-9278-68D0E5697425
name: Microsoft Research Faculty Fellowship
publication: Information and Computation
publication_status: published
publisher: Elsevier
publist_id: '3403'
quality_controlled: '1'
scopus_import: 1
status: public
title: The complexity of stochastic Müller games
type: journal_article
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 211
year: '2012'
...
---
_id: '3253'
abstract:
- lang: eng
text: We describe a framework for reasoning about programs with lists carrying integer
numerical data. We use abstract domains to describe and manipulate complex constraints
on configurations of these programs mixing constraints on the shape of the heap,
sizes of the lists, on the multisets of data stored in these lists, and on the
data at their different positions. Moreover, we provide powerful techniques for
automatic validation of Hoare-triples and invariant checking, as well as for automatic
synthesis of invariants and procedure summaries using modular inter-procedural
analysis. The approach has been implemented in a tool called Celia and experimented
successfully on a large benchmark of programs.
acknowledgement: This work was partly supported by the French National Research Agency
(ANR) project Veridyc (ANR-09-SEGI-016).
alternative_title:
- LNCS
author:
- first_name: Ahmed
full_name: Bouajjani, Ahmed
last_name: Bouajjani
- first_name: Cezara
full_name: Dragoi, Cezara
id: 2B2B5ED0-F248-11E8-B48F-1D18A9856A87
last_name: Dragoi
- first_name: Constantin
full_name: Enea, Constantin
last_name: Enea
- first_name: Mihaela
full_name: Sighireanu, Mihaela
last_name: Sighireanu
citation:
ama: 'Bouajjani A, Dragoi C, Enea C, Sighireanu M. Abstract domains for automated
reasoning about list manipulating programs with infinite data. In: Vol 7148. Springer;
2012:1-22. doi:10.1007/978-3-642-27940-9_1'
apa: 'Bouajjani, A., Dragoi, C., Enea, C., & Sighireanu, M. (2012). Abstract
domains for automated reasoning about list manipulating programs with infinite
data (Vol. 7148, pp. 1–22). Presented at the VMCAI: Verification, Model Checking
and Abstract Interpretation, Philadelphia, PA, USA: Springer. https://doi.org/10.1007/978-3-642-27940-9_1'
chicago: Bouajjani, Ahmed, Cezara Dragoi, Constantin Enea, and Mihaela Sighireanu.
“Abstract Domains for Automated Reasoning about List Manipulating Programs with
Infinite Data,” 7148:1–22. Springer, 2012. https://doi.org/10.1007/978-3-642-27940-9_1.
ieee: 'A. Bouajjani, C. Dragoi, C. Enea, and M. Sighireanu, “Abstract domains for
automated reasoning about list manipulating programs with infinite data,” presented
at the VMCAI: Verification, Model Checking and Abstract Interpretation, Philadelphia,
PA, USA, 2012, vol. 7148, pp. 1–22.'
ista: 'Bouajjani A, Dragoi C, Enea C, Sighireanu M. 2012. Abstract domains for automated
reasoning about list manipulating programs with infinite data. VMCAI: Verification,
Model Checking and Abstract Interpretation, LNCS, vol. 7148, 1–22.'
mla: Bouajjani, Ahmed, et al. Abstract Domains for Automated Reasoning about
List Manipulating Programs with Infinite Data. Vol. 7148, Springer, 2012,
pp. 1–22, doi:10.1007/978-3-642-27940-9_1.
short: A. Bouajjani, C. Dragoi, C. Enea, M. Sighireanu, in:, Springer, 2012, pp.
1–22.
conference:
end_date: 2012-01-24
location: Philadelphia, PA, USA
name: 'VMCAI: Verification, Model Checking and Abstract Interpretation'
start_date: 2012-01-22
date_created: 2018-12-11T12:02:17Z
date_published: 2012-02-26T00:00:00Z
date_updated: 2021-01-12T07:42:09Z
day: '26'
department:
- _id: ToHe
doi: 10.1007/978-3-642-27940-9_1
intvolume: ' 7148'
language:
- iso: eng
month: '02'
oa_version: None
page: 1 - 22
publication_status: published
publisher: Springer
publist_id: '3404'
quality_controlled: '1'
status: public
title: Abstract domains for automated reasoning about list manipulating programs with
infinite data
type: conference
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 7148
year: '2012'
...
---
_id: '3265'
abstract:
- lang: eng
text: We propose a mid-level statistical model for image segmentation that composes
multiple figure-ground hypotheses (FG) obtained by applying constraints at different
locations and scales, into larger interpretations (tilings) of the entire image.
Inference is cast as optimization over sets of maximal cliques sampled from a
graph connecting all non-overlapping figure-ground segment hypotheses. Potential
functions over cliques combine unary, Gestalt-based figure qualities, and pairwise
compatibilities among spatially neighboring segments, constrained by T-junctions
and the boundary interface statistics of real scenes. Learning the model parameters
is based on maximum likelihood, alternating between sampling image tilings and
optimizing their potential function parameters. State of the art results are reported
on the Berkeley and Stanford segmentation datasets, as well as VOC2009, where
a 28% improvement was achieved.
article_number: '6126486'
author:
- first_name: Adrian
full_name: Ion, Adrian
id: 29F89302-F248-11E8-B48F-1D18A9856A87
last_name: Ion
- first_name: Joao
full_name: Carreira, Joao
last_name: Carreira
- first_name: Cristian
full_name: Sminchisescu, Cristian
last_name: Sminchisescu
citation:
ama: 'Ion A, Carreira J, Sminchisescu C. Image segmentation by figure-ground composition
into maximal cliques. In: IEEE; 2012. doi:10.1109/ICCV.2011.6126486'
apa: 'Ion, A., Carreira, J., & Sminchisescu, C. (2012). Image segmentation by
figure-ground composition into maximal cliques. Presented at the ICCV: International
Conference on Computer Vision, Barcelona, Spain: IEEE. https://doi.org/10.1109/ICCV.2011.6126486'
chicago: Ion, Adrian, Joao Carreira, and Cristian Sminchisescu. “Image Segmentation
by Figure-Ground Composition into Maximal Cliques.” IEEE, 2012. https://doi.org/10.1109/ICCV.2011.6126486.
ieee: 'A. Ion, J. Carreira, and C. Sminchisescu, “Image segmentation by figure-ground
composition into maximal cliques,” presented at the ICCV: International Conference
on Computer Vision, Barcelona, Spain, 2012.'
ista: 'Ion A, Carreira J, Sminchisescu C. 2012. Image segmentation by figure-ground
composition into maximal cliques. ICCV: International Conference on Computer Vision,
6126486.'
mla: Ion, Adrian, et al. Image Segmentation by Figure-Ground Composition into
Maximal Cliques. 6126486, IEEE, 2012, doi:10.1109/ICCV.2011.6126486.
short: A. Ion, J. Carreira, C. Sminchisescu, in:, IEEE, 2012.
conference:
end_date: 2011-11-13
location: Barcelona, Spain
name: 'ICCV: International Conference on Computer Vision'
start_date: 2011-11-06
date_created: 2018-12-11T12:02:21Z
date_published: 2012-01-12T00:00:00Z
date_updated: 2021-01-12T07:42:15Z
day: '12'
department:
- _id: HeEd
doi: 10.1109/ICCV.2011.6126486
language:
- iso: eng
month: '01'
oa_version: None
publication_status: published
publisher: IEEE
publist_id: '3382'
quality_controlled: '1'
status: public
title: Image segmentation by figure-ground composition into maximal cliques
type: conference
user_id: 4435EBFC-F248-11E8-B48F-1D18A9856A87
year: '2012'
...
---
_id: '3282'
abstract:
- lang: eng
text: 'Traditionally, symmetric-key message authentication codes (MACs) are easily
built from pseudorandom functions (PRFs). In this work we propose a wide variety
of other approaches to building efficient MACs, without going through a PRF first.
In particular, unlike deterministic PRF-based MACs, where each message has a unique
valid tag, we give a number of probabilistic MAC constructions from various other
primitives/assumptions. Our main results are summarized as follows: We show several
new probabilistic MAC constructions from a variety of general assumptions, including
CCA-secure encryption, Hash Proof Systems and key-homomorphic weak PRFs. By instantiating
these frameworks under concrete number theoretic assumptions, we get several schemes
which are more efficient than just using a state-of-the-art PRF instantiation
under the corresponding assumption. For probabilistic MACs, unlike deterministic
ones, unforgeability against a chosen message attack (uf-cma ) alone does not
imply security if the adversary can additionally make verification queries (uf-cmva
). We give an efficient generic transformation from any uf-cma secure MAC which
is "message-hiding" into a uf-cmva secure MAC. This resolves the main
open problem of Kiltz et al. from Eurocrypt''11; By using our transformation on
their constructions, we get the first efficient MACs from the LPN assumption.
While all our new MAC constructions immediately give efficient actively secure,
two-round symmetric-key identification schemes, we also show a very simple, three-round
actively secure identification protocol from any weak PRF. In particular, the
resulting protocol is much more efficient than the trivial approach of building
a regular PRF from a weak PRF. © 2012 International Association for Cryptologic
Research.'
acknowledgement: Supported by the European Research Council under the European Union’s
Seventh Framework Programme (FP7/2007-2013) / ERC Starting Grant (259668-PSPC)
alternative_title:
- LNCS
author:
- first_name: Yevgeniy
full_name: Dodis, Yevgeniy
last_name: Dodis
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
- first_name: Eike
full_name: Kiltz, Eike
last_name: Kiltz
- first_name: Daniel
full_name: Wichs, Daniel
last_name: Wichs
citation:
ama: 'Dodis Y, Pietrzak KZ, Kiltz E, Wichs D. Message authentication, revisited.
In: Vol 7237. Springer; 2012:355-374. doi:10.1007/978-3-642-29011-4_22'
apa: 'Dodis, Y., Pietrzak, K. Z., Kiltz, E., & Wichs, D. (2012). Message authentication,
revisited (Vol. 7237, pp. 355–374). Presented at the EUROCRYPT: Theory and Applications
of Cryptographic Techniques, Cambridge, UK: Springer. https://doi.org/10.1007/978-3-642-29011-4_22'
chicago: Dodis, Yevgeniy, Krzysztof Z Pietrzak, Eike Kiltz, and Daniel Wichs. “Message
Authentication, Revisited,” 7237:355–74. Springer, 2012. https://doi.org/10.1007/978-3-642-29011-4_22.
ieee: 'Y. Dodis, K. Z. Pietrzak, E. Kiltz, and D. Wichs, “Message authentication,
revisited,” presented at the EUROCRYPT: Theory and Applications of Cryptographic
Techniques, Cambridge, UK, 2012, vol. 7237, pp. 355–374.'
ista: 'Dodis Y, Pietrzak KZ, Kiltz E, Wichs D. 2012. Message authentication, revisited.
EUROCRYPT: Theory and Applications of Cryptographic Techniques, LNCS, vol. 7237,
355–374.'
mla: Dodis, Yevgeniy, et al. Message Authentication, Revisited. Vol. 7237,
Springer, 2012, pp. 355–74, doi:10.1007/978-3-642-29011-4_22.
short: Y. Dodis, K.Z. Pietrzak, E. Kiltz, D. Wichs, in:, Springer, 2012, pp. 355–374.
conference:
end_date: 2012-04-19
location: Cambridge, UK
name: 'EUROCRYPT: Theory and Applications of Cryptographic Techniques'
start_date: 2012-04-15
date_created: 2018-12-11T12:02:27Z
date_published: 2012-03-10T00:00:00Z
date_updated: 2021-01-12T07:42:22Z
day: '10'
ddc:
- '000'
- '004'
department:
- _id: KrPi
doi: 10.1007/978-3-642-29011-4_22
ec_funded: 1
file:
- access_level: open_access
checksum: 8557c17a8c2586d06ebfe62d934f5c5f
content_type: application/pdf
creator: system
date_created: 2018-12-12T10:14:23Z
date_updated: 2020-07-14T12:46:06Z
file_id: '5074'
file_name: IST-2016-686-v1+1_059.pdf
file_size: 372292
relation: main_file
file_date_updated: 2020-07-14T12:46:06Z
has_accepted_license: '1'
intvolume: ' 7237'
language:
- iso: eng
license: https://creativecommons.org/licenses/by/4.0/
month: '03'
oa: 1
oa_version: Submitted Version
page: 355 - 374
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication_status: published
publisher: Springer
publist_id: '3364'
pubrep_id: '686'
quality_controlled: '1'
status: public
title: Message authentication, revisited
tmp:
image: /images/cc_by.png
legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode
name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)
short: CC BY (4.0)
type: conference
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 7237
year: '2012'
...
---
_id: '3280'
abstract:
- lang: eng
text: 'The (decisional) learning with errors problem (LWE) asks to distinguish "noisy"
inner products of a secret vector with random vectors from uniform. The learning
parities with noise problem (LPN) is the special case where the elements of the
vectors are bits. In recent years, the LWE and LPN problems have found many applications
in cryptography. In this paper we introduce a (seemingly) much stronger adaptive
assumption, called "subspace LWE" (SLWE), where the adversary can learn
the inner product of the secret and random vectors after they were projected into
an adaptively and adversarially chosen subspace. We prove that, surprisingly,
the SLWE problem mapping into subspaces of dimension d is almost as hard as LWE
using secrets of length d (the other direction is trivial.) This result immediately
implies that several existing cryptosystems whose security is based on the hardness
of the LWE/LPN problems are provably secure in a much stronger sense than anticipated.
As an illustrative example we show that the standard way of using LPN for symmetric
CPA secure encryption is even secure against a very powerful class of related
key attacks. '
acknowledgement: Supported by the European Research Council under the European Union’s
Seventh Framework Programme (FP7/2007-2013) / ERC Starting Grant (259668-PSPC).
alternative_title:
- LNCS
author:
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
citation:
ama: 'Pietrzak KZ. Subspace LWE. In: Vol 7194. Springer; 2012:548-563. doi:10.1007/978-3-642-28914-9_31'
apa: 'Pietrzak, K. Z. (2012). Subspace LWE (Vol. 7194, pp. 548–563). Presented at
the TCC: Theory of Cryptography Conference, Taormina, Sicily, Italy: Springer.
https://doi.org/10.1007/978-3-642-28914-9_31'
chicago: Pietrzak, Krzysztof Z. “Subspace LWE,” 7194:548–63. Springer, 2012. https://doi.org/10.1007/978-3-642-28914-9_31.
ieee: 'K. Z. Pietrzak, “Subspace LWE,” presented at the TCC: Theory of Cryptography
Conference, Taormina, Sicily, Italy, 2012, vol. 7194, pp. 548–563.'
ista: 'Pietrzak KZ. 2012. Subspace LWE. TCC: Theory of Cryptography Conference,
LNCS, vol. 7194, 548–563.'
mla: Pietrzak, Krzysztof Z. Subspace LWE. Vol. 7194, Springer, 2012, pp.
548–63, doi:10.1007/978-3-642-28914-9_31.
short: K.Z. Pietrzak, in:, Springer, 2012, pp. 548–563.
conference:
end_date: 2012-03-21
location: Taormina, Sicily, Italy
name: 'TCC: Theory of Cryptography Conference'
start_date: 2012-03-19
date_created: 2018-12-11T12:02:26Z
date_published: 2012-05-04T00:00:00Z
date_updated: 2021-01-12T07:42:21Z
day: '04'
department:
- _id: KrPi
doi: 10.1007/978-3-642-28914-9_31
ec_funded: 1
intvolume: ' 7194'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: http://www.iacr.org/archive/tcc2012/71940166/71940166.pdf
month: '05'
oa: 1
oa_version: Submitted Version
page: 548 - 563
project:
- _id: 258C570E-B435-11E9-9278-68D0E5697425
call_identifier: FP7
grant_number: '259668'
name: Provable Security for Physical Cryptography
publication_status: published
publisher: Springer
publist_id: '3366'
quality_controlled: '1'
status: public
title: Subspace LWE
type: conference
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 7194
year: '2012'
...
---
_id: '3281'
abstract:
- lang: eng
text: 'We consider the problem of amplifying the "lossiness" of functions.
We say that an oracle circuit C*: {0,1} m → {0,1}* amplifies relative lossiness
from ℓ/n to L/m if for every function f:{0,1} n → {0,1} n it holds that 1 If f
is injective then so is C f. 2 If f has image size of at most 2 n-ℓ, then C f
has image size at most 2 m-L. The question is whether such C* exists for L/m ≫
ℓ/n. This problem arises naturally in the context of cryptographic "lossy
functions," where the relative lossiness is the key parameter. We show that
for every circuit C* that makes at most t queries to f, the relative lossiness
of C f is at most L/m ≤ ℓ/n + O(log t)/n. In particular, no black-box method making
a polynomial t = poly(n) number of queries can amplify relative lossiness by more
than an O(logn)/n additive term. We show that this is tight by giving a simple
construction (cascading with some randomization) that achieves such amplification.'
acknowledgement: "We would like to thank Oded Goldreich and Omer Rein- gold for discussions
at an early stage of this project, and Scott Aaronson for clarifications regarding
the collision problem.\r\n"
alternative_title:
- LNCS
author:
- first_name: Krzysztof Z
full_name: Pietrzak, Krzysztof Z
id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87
last_name: Pietrzak
orcid: 0000-0002-9139-1654
- first_name: Alon
full_name: Rosen, Alon
last_name: Rosen
- first_name: Gil
full_name: Segev, Gil
last_name: Segev
citation:
ama: 'Pietrzak KZ, Rosen A, Segev G. Lossy functions do not amplify well. In: Vol
7194. Springer; 2012:458-475. doi:10.1007/978-3-642-28914-9_26'
apa: 'Pietrzak, K. Z., Rosen, A., & Segev, G. (2012). Lossy functions do not
amplify well (Vol. 7194, pp. 458–475). Presented at the TCC: Theory of Cryptography
Conference, Taormina, Sicily, Italy: Springer. https://doi.org/10.1007/978-3-642-28914-9_26'
chicago: Pietrzak, Krzysztof Z, Alon Rosen, and Gil Segev. “Lossy Functions Do Not
Amplify Well,” 7194:458–75. Springer, 2012. https://doi.org/10.1007/978-3-642-28914-9_26.
ieee: 'K. Z. Pietrzak, A. Rosen, and G. Segev, “Lossy functions do not amplify well,”
presented at the TCC: Theory of Cryptography Conference, Taormina, Sicily, Italy,
2012, vol. 7194, pp. 458–475.'
ista: 'Pietrzak KZ, Rosen A, Segev G. 2012. Lossy functions do not amplify well.
TCC: Theory of Cryptography Conference, LNCS, vol. 7194, 458–475.'
mla: Pietrzak, Krzysztof Z., et al. Lossy Functions Do Not Amplify Well.
Vol. 7194, Springer, 2012, pp. 458–75, doi:10.1007/978-3-642-28914-9_26.
short: K.Z. Pietrzak, A. Rosen, G. Segev, in:, Springer, 2012, pp. 458–475.
conference:
end_date: 2012-03-21
location: Taormina, Sicily, Italy
name: 'TCC: Theory of Cryptography Conference'
start_date: 2012-03-19
date_created: 2018-12-11T12:02:26Z
date_published: 2012-05-04T00:00:00Z
date_updated: 2021-01-12T07:42:22Z
day: '04'
department:
- _id: KrPi
doi: 10.1007/978-3-642-28914-9_26
intvolume: ' 7194'
language:
- iso: eng
main_file_link:
- url: http://www.iacr.org/archive/tcc2012/tcc2012-index.html
month: '05'
oa_version: None
page: 458 - 475
publication_status: published
publisher: Springer
publist_id: '3365'
quality_controlled: '1'
status: public
title: Lossy functions do not amplify well
type: conference
user_id: 3E5EF7F0-F248-11E8-B48F-1D18A9856A87
volume: 7194
year: '2012'
...
---
_id: '3284'
abstract:
- lang: eng
text: |-
We study the complexity of valued constraint satisfaction problems (VCSP). A problem from VCSP is characterised by a constraint language, a fixed set of cost functions over a finite domain. An instance of the problem is specified by a sum of cost functions from the language and the goal is to minimise the sum. Under the unique games conjecture, the approximability of finite-valued VCSPs is well-understood, see Raghavendra [FOCS’08]. However, there is no characterisation of finite-valued VCSPs, let alone general-valued VCSPs, that can be solved exactly in polynomial time, thus giving insights from a combinatorial optimisation perspective.
We consider the case of languages containing all possible unary cost functions. In the case of languages consisting of only {0, ∞}-valued cost functions (i.e. relations), such languages have been called conservative and studied by Bulatov [LICS’03] and recently by Barto [LICS’11]. Since we study valued languages, we call a language conservative if it contains all finite-valued unary cost functions. The computational complexity of conservative valued languages has been studied by Cohen et al. [AIJ’06] for languages over Boolean domains, by Deineko et al. [JACM’08] for {0,1}-valued languages (a.k.a Max-CSP), and by Takhanov [STACS’10] for {0,∞}-valued languages containing all finite- valued unary cost functions (a.k.a. Min-Cost-Hom).
We prove a Schaefer-like dichotomy theorem for conservative valued languages: if all cost functions in the language satisfy a certain condition (specified by a complementary combination of STP and MJN multimorphisms), then any instance can be solved in polynomial time (via a new algorithm developed in this paper), otherwise the language is NP-hard. This is the first complete complexity classification of general-valued constraint languages over non-Boolean domains. It is a common phenomenon that complexity classifications of problems over non-Boolean domains is significantly harder than the Boolean case. The polynomial-time algorithm we present for the tractable cases is a generalisation of the submodular minimisation problem and a result of Cohen et al. [TCS’08].
Our results generalise previous results by Takhanov [STACS’10] and (a subset of results) by Cohen et al. [AIJ’06] and Deineko et al. [JACM’08]. Moreover, our results do not rely on any computer-assisted search as in Deineko et al. [JACM’08], and provide a powerful tool for proving hardness of finite-valued and general-valued languages.
acknowledgement: Vladimir Kolmogorov is supported by the Royal Academy of Eng ineering/EPSRC.
author:
- first_name: Vladimir
full_name: Vladimir Kolmogorov
id: 3D50B0BA-F248-11E8-B48F-1D18A9856A87
last_name: Kolmogorov
- first_name: Stanislav
full_name: Živný, Stanislav
last_name: Živný
citation:
ama: 'Kolmogorov V, Živný S. The complexity of conservative valued CSPs. In: SIAM;
2012:750-759.'
apa: 'Kolmogorov, V., & Živný, S. (2012). The complexity of conservative valued
CSPs (pp. 750–759). Presented at the SODA: Symposium on Discrete Algorithms, SIAM.'
chicago: Kolmogorov, Vladimir, and Stanislav Živný. “The Complexity of Conservative
Valued CSPs,” 750–59. SIAM, 2012.
ieee: 'V. Kolmogorov and S. Živný, “The complexity of conservative valued CSPs,”
presented at the SODA: Symposium on Discrete Algorithms, 2012, pp. 750–759.'
ista: 'Kolmogorov V, Živný S. 2012. The complexity of conservative valued CSPs.
SODA: Symposium on Discrete Algorithms, 750–759.'
mla: Kolmogorov, Vladimir, and Stanislav Živný. The Complexity of Conservative
Valued CSPs. SIAM, 2012, pp. 750–59.
short: V. Kolmogorov, S. Živný, in:, SIAM, 2012, pp. 750–759.
conference:
name: 'SODA: Symposium on Discrete Algorithms'
date_created: 2018-12-11T12:02:27Z
date_published: 2012-01-01T00:00:00Z
date_updated: 2021-01-12T07:42:23Z
day: '01'
extern: 1
main_file_link:
- open_access: '1'
url: http://arxiv.org/abs/1008.1555
month: '01'
oa: 1
page: 750 - 759
publication_status: published
publisher: SIAM
publist_id: '3362'
quality_controlled: 0
status: public
title: The complexity of conservative valued CSPs
type: conference
year: '2012'
...
---
_id: '330'
abstract:
- lang: eng
text: 'A procedure for the continuous production of Cu 2ZnSnS 4 (CZTS) nanoparticles
with controlled composition is presented. CZTS nanoparticles were prepared through
the reaction of the metals'' amino complexes with elemental sulfur in a continuous-flow
reactor at moderate temperatures (300-330 °C). High-resolution transmission electron
microscopy and X-ray diffraction analysis showed the nanocrystals to have a crystallographic
structure compatible with that of the kesterite. Chemical characterization of
the materials showed the presence of the four elements in each individual nanocrystal.
Composition control was achieved by adjusting the solution flow rate through the
reactor and the proper choice of the nominal precursor concentration within the
flowing solution. Single-particle analysis revealed a composition distribution
within each sample, which was optimized at the highest synthesis temperatures
used. '
article_processing_charge: No
article_type: original
author:
- first_name: Alexey
full_name: Shavel, Alexey
last_name: Shavel
- first_name: Doris
full_name: Cadavid, Doris
last_name: Cadavid
- first_name: Maria
full_name: Ibáñez, Maria
id: 43C61214-F248-11E8-B48F-1D18A9856A87
last_name: Ibáñez
orcid: 0000-0001-5013-2843
- first_name: Alex
full_name: Carrete, Alex
last_name: Carrete
- first_name: Andreu
full_name: Cabot, Andreu
last_name: Cabot
citation:
ama: Shavel A, Cadavid D, Ibáñez M, Carrete A, Cabot A. Continuous production of
Cu inf 2 inf ZnSnS inf 4 inf nanocrystals in a flow reactor. Journal of the
American Chemical Society. 2012;134(3):1438-1441. doi:10.1021/ja209688a
apa: Shavel, A., Cadavid, D., Ibáñez, M., Carrete, A., & Cabot, A. (2012). Continuous
production of Cu inf 2 inf ZnSnS inf 4 inf nanocrystals in a flow reactor. Journal
of the American Chemical Society. ACS. https://doi.org/10.1021/ja209688a
chicago: Shavel, Alexey, Doris Cadavid, Maria Ibáñez, Alex Carrete, and Andreu Cabot.
“Continuous Production of Cu Inf 2 Inf ZnSnS Inf 4 Inf Nanocrystals in a Flow
Reactor.” Journal of the American Chemical Society. ACS, 2012. https://doi.org/10.1021/ja209688a.
ieee: A. Shavel, D. Cadavid, M. Ibáñez, A. Carrete, and A. Cabot, “Continuous production
of Cu inf 2 inf ZnSnS inf 4 inf nanocrystals in a flow reactor,” Journal of
the American Chemical Society, vol. 134, no. 3. ACS, pp. 1438–1441, 2012.
ista: Shavel A, Cadavid D, Ibáñez M, Carrete A, Cabot A. 2012. Continuous production
of Cu inf 2 inf ZnSnS inf 4 inf nanocrystals in a flow reactor. Journal of the
American Chemical Society. 134(3), 1438–1441.
mla: Shavel, Alexey, et al. “Continuous Production of Cu Inf 2 Inf ZnSnS Inf 4 Inf
Nanocrystals in a Flow Reactor.” Journal of the American Chemical Society,
vol. 134, no. 3, ACS, 2012, pp. 1438–41, doi:10.1021/ja209688a.
short: A. Shavel, D. Cadavid, M. Ibáñez, A. Carrete, A. Cabot, Journal of the American
Chemical Society 134 (2012) 1438–1441.
date_created: 2018-12-11T11:45:51Z
date_published: 2012-01-02T00:00:00Z
date_updated: 2021-01-12T07:42:29Z
day: '02'
doi: 10.1021/ja209688a
extern: '1'
intvolume: ' 134'
issue: '3'
language:
- iso: eng
month: '01'
oa_version: None
page: 1438 - 1441
publication: Journal of the American Chemical Society
publication_status: published
publisher: ACS
publist_id: '7531'
quality_controlled: '1'
status: public
title: Continuous production of Cu inf 2 inf ZnSnS inf 4 inf nanocrystals in a flow
reactor
type: journal_article
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 134
year: '2012'
...