IA Scholar Query: On Necessary and Sufficient Conditions for the Construction of Super Pseudorandom Permutations.
https://scholar.archive.org/
Internet Archive Scholar query results feed | en | info@archive.org | Thu, 15 Sep 2022 00:00:00 GMT | fatcat-scholar | https://scholar.archive.org/help | 1440

Almost Ramanujan Expanders from Arbitrary Expanders via Operator Amplification
https://scholar.archive.org/work/5mrwukheqffgvfoykq7munqdhq
We give an efficient algorithm that transforms any bounded degree expander graph into another that achieves almost optimal (namely, near-quadratic, d ≤ 1/λ^{2+o(1)}) trade-off between (any desired) spectral expansion λ and degree d. Furthermore, the algorithm is local: every vertex can compute its new neighbors as a subset of its original neighborhood of radius O(log(1/λ)). The optimal quadratic trade-off is known as the Ramanujan bound, so our construction gives almost Ramanujan expanders from arbitrary expanders. The locality of the transformation preserves structural properties of the original graph, and thus has many consequences. Applied to Cayley graphs, our transformation shows that any expanding finite group has almost Ramanujan expanding generators. Similarly, one can obtain almost optimal explicit constructions of quantum expanders, dimension expanders, monotone expanders, etc., from existing (suboptimal) constructions of such objects. Another consequence is a "derandomized" random walk on the original (suboptimal) expander with almost optimal convergence rate. Our transformation also applies when the degree is not bounded or the expansion is not constant. We obtain our results by a generalization of Ta-Shma's technique in his breakthrough paper [STOC 2017], used to obtain explicit almost optimal binary codes. Specifically, our spectral amplification extends Ta-Shma's analysis of bias amplification from scalars to matrices of arbitrary dimension in a very natural way. Curiously, while Ta-Shma's explicit bias amplification derandomizes a well-known probabilistic argument (underlying the Gilbert–Varshamov bound), there seems to be no known probabilistic (or other existential) way of achieving our explicit ("high-dimensional") spectral amplification.
Fernando Granha Jeronimo, Tushant Mittal, Sourya Roy, Avi Wigderson | work_5mrwukheqffgvfoykq7munqdhq | Thu, 15 Sep 2022 00:00:00 GMT

A Tutorial Introduction to Lattice-based Cryptography and Homomorphic Encryption
https://scholar.archive.org/work/vlqa6rnsa5d3vnpa3qeaizot6a
Why study Lattice-based Cryptography? There are a few ways to answer this question.
1. It is useful to have cryptosystems that are based on a variety of hard computational problems so the different cryptosystems are not all vulnerable in the same way.
2. The computational aspects of lattice-based cryptosystems are usually simple to understand and fairly easy to implement in practice.
3. Lattice-based cryptosystems have lower encryption/decryption computational complexities compared to popular cryptosystems that are based on the integer factorisation or the discrete logarithm problems.
4. Lattice-based cryptosystems enjoy strong worst-case hardness security proofs based on approximate versions of known NP-hard lattice problems.
5. Lattice-based cryptosystems are believed to be good candidates for post-quantum cryptography, since there are currently no known quantum algorithms for solving lattice problems that perform significantly better than the best-known classical (non-quantum) algorithms, unlike for integer factorisation and (elliptic curve) discrete logarithm problems.
6. Last but not least, interesting structures in lattice problems have led to significant advances in Homomorphic Encryption, a new research area with wide-ranging applications.
Yang Li, Kee Siong Ng, Michael Purcell | work_vlqa6rnsa5d3vnpa3qeaizot6a | Wed, 17 Aug 2022 00:00:00 GMT

Optimal algorithms for learning quantum phase states
https://scholar.archive.org/work/yt4dfpgdmnel7f2la7syjksy5u
We analyze the complexity of learning n-qubit quantum phase states. A degree-d phase state is defined as a superposition of all 2^n basis vectors x with amplitudes proportional to (-1)^{f(x)}, where f is a degree-d Boolean polynomial over n variables. We show that the sample complexity of learning an unknown degree-d phase state is Θ(n^d) if we allow separable measurements and Θ(n^{d-1}) if we allow entangled measurements. Our learning algorithm based on separable measurements has runtime (n) (for constant d) and is well-suited for near-term demonstrations as it requires only single-qubit measurements in the Pauli X and Z bases. We show similar bounds on the sample complexity for learning generalized phase states with complex-valued amplitudes. We further consider learning phase states when f has sparsity-s, degree-d in its 𝔽_2 representation (with sample complexity O(2^d s n)), f has Fourier-degree-t (with sample complexity O(2^{2t})), and learning quadratic phase states with ε-global depolarizing noise (with sample complexity O(n^{1+ε})). These learning algorithms give us a procedure to learn the diagonal unitaries of the Clifford hierarchy and IQP circuits.
Srinivasan Arunachalam, Sergey Bravyi, Arkopal Dutt, Theodore J. Yoder | work_yt4dfpgdmnel7f2la7syjksy5u | Tue, 16 Aug 2022 00:00:00 GMT

Non-Malleable Code in the Split-State Model
https://scholar.archive.org/work/ztfqgsidivapnjtm5tnumvelee
Non-malleable codes are a natural relaxation of error correction and error detection codes applicable in scenarios where error-correction or error-detection is impossible. Over the last decade, non-malleable codes have been studied for a wide variety of tampering families. Among the most well studied of these is the split-state family of tampering channels, where the codeword is split into two or more parts and each part is tampered with independently. We survey various constructions and applications of non-malleable codes in the split-state model.
Divesh Aggarwal, Marshall Ball, Maciej Obremski | work_ztfqgsidivapnjtm5tnumvelee | Thu, 28 Jul 2022 00:00:00 GMT

LIPIcs, Volume 230, ITC 2022, Complete Volume
https://scholar.archive.org/work/x5cobg6anzbgjazexwg7mkanie
LIPIcs, Volume 230, ITC 2022, Complete Volume
Dana Dachman-Soled | work_x5cobg6anzbgjazexwg7mkanie | Thu, 30 Jun 2022 00:00:00 GMT

Machine Learning for Probabilistic Prediction
https://scholar.archive.org/work/cmab4kf7uvcnxhk64eb6h7jj2q
Prediction is the key objective of many machine learning applications. Accurate, reliable and robust predictions are essential for optimal and fair decisions by downstream components of artificial intelligence systems, especially in high-stakes applications, such as personalised health, self-driving cars, finance, new drug development, forecasting of election outcomes and pandemics. Many modern machine learning algorithms output overconfident predictions, resulting in incorrect decisions and technology acceptance issues. Classical calibration methods rely on artificial assumptions and often result in overfitting, whilst modern calibration methods attempt to solve calibration issues by modifying components of black-box deep learning systems. While this provides a partial solution, such modifications do not provide mathematical guarantees of predictions validity, are intrusive, complex, and costly to implement. This thesis introduces novel methods for producing well-calibrated probabilistic predictions for machine learning classification and regression problems. A new method for multi-class classification problems is developed and compared to traditional calibration approaches. In the regression setting, the thesis develops novel methods for probabilistic regression to derive predictive distribution functions that are valid under a nonparametric IID assumption in terms of guaranteed coverage and contain more information when compared to classical conformal prediction methods whilst improving computational efficiency. Experimental studies of the methods introduced in this thesis demonstrate advantages with regard to state-of-the-art. The main advantage of split conformal predictive systems is their guaranteed validity, whilst cross-conformal predictive systems enjoy higher predictive efficiency and empirical validity in the absence of excess randomisation.
Valery Manokhin, Vladimir Vovk, Alessio Sancetta | work_cmab4kf7uvcnxhk64eb6h7jj2q | Fri, 24 Jun 2022 00:00:00 GMT

Matrix Power Function Based Block Cipher Operating in CBC Mode
https://scholar.archive.org/work/lo3dqtkvz5e2fgwdkyfvhc5rma
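The abstract below builds a block cipher by running a one-round cipher in cipher block chaining mode and argues chosen-plaintext resistance from it. The following is an added example, not code from the paper: it implements the CBC chaining equations over a hypothetical keyed 8-bit permutation (a placeholder, not the matrix power function) and makes concrete the check a practitioner applies to any CBC construction: with a fixed IV, two chosen plaintexts sharing a prefix give ciphertexts sharing a prefix, so the chosen-plaintext property depends on how the IV is chosen, not only on the block primitive. The key and messages are constructed for the example.

```python
# Added example (not the paper's code): CBC chaining over a placeholder 8-bit
# keyed permutation, showing the chaining equations and how the IV choice
# decides whether equal plaintext prefixes leak under a chosen-plaintext query.
import random

BLOCK_BITS = 8  # assumption: toy 1-byte blocks so the permutation is a table


def toy_block_permutation(key: bytes):
    """Hypothetical stand-in for the paper's one-round cipher: a keyed
    permutation of the 256 byte values and its inverse. It is not the matrix
    power function, only a bijection to chain with."""
    rng = random.Random(key)
    table = list(range(1 << BLOCK_BITS))
    rng.shuffle(table)
    inverse = [0] * len(table)
    for plain, cipher in enumerate(table):
        inverse[cipher] = plain
    return table, inverse


def cbc_encrypt(key: bytes, iv: int, msg: bytes) -> bytes:
    """C_0 = IV, C_i = E_k(P_i xor C_{i-1})."""
    table, _ = toy_block_permutation(key)
    prev = iv
    out = bytearray()
    for p in msg:
        c = table[p ^ prev]
        out.append(c)
        prev = c
    return bytes(out)


def cbc_decrypt(key: bytes, iv: int, ct: bytes) -> bytes:
    """P_i = D_k(C_i) xor C_{i-1}: a one-block error affects two plaintext blocks."""
    _, inverse = toy_block_permutation(key)
    prev = iv
    out = bytearray()
    for c in ct:
        out.append(inverse[c] ^ prev)
        prev = c
    return bytes(out)


def shared_prefix_blocks(c1: bytes, c2: bytes) -> int:
    """Number of leading ciphertext blocks that are identical."""
    n = 0
    for a, b in zip(c1, c2):
        if a != b:
            break
        n += 1
    return n


# Constructed chosen-plaintext pair: same 16-byte prefix, different suffix.
M1 = b"transfer 100 to alice"
M2 = b"transfer 100 to bob  "
KEY = b"example-key"  # constructed


def prefix_leak(iv1: int, iv2: int) -> int:
    """Encrypt M1 and M2 under the same key with the given IVs and return how
    many leading ciphertext blocks coincide. A fixed IV (iv1 == iv2) reveals
    the length of the common plaintext prefix; distinct IVs hide it, because
    the first chaining input already differs and E_k is injective."""
    return shared_prefix_blocks(cbc_encrypt(KEY, iv1, M1), cbc_encrypt(KEY, iv2, M2))


def roundtrip_ok(iv: int = 0x5A) -> bool:
    return cbc_decrypt(KEY, iv, cbc_encrypt(KEY, iv, M1)) == M1


if __name__ == "__main__":
    print("fixed IV, shared blocks:", prefix_leak(0x00, 0x00))      # 16
    print("distinct IVs, shared blocks:", prefix_leak(0x01, 0x02))  # 0
    print("roundtrip:", roundtrip_ok())
```

The block size is a toy so the permutation fits in a table; the leak itself is independent of the primitive, which is why the IV policy has to be stated alongside any chosen-plaintext claim for a CBC construction.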
In our previous study, we proposed a perfectly secure Shannon cipher based on the so-called matrix power function. There we also introduced a concept of single round symmetric encryption, i.e., we used the matrix power function together with some rather simple operations to define a three-step encryption algorithm that needs no additional rounds. Interestingly enough, the newly proposed Shannon cipher possesses the option of parallelization—an important property of efficiently performing calculations using several processors. Relying on our previous proposal, in this study we introduce a concept of a one round block cipher, which can be used to encrypt an arbitrarily large message by dividing it into several blocks. In other words, we construct a block cipher operating in cipher block chaining mode on the basis of the previously defined Shannon cipher. Moreover, due to the perfect secrecy property of the original algorithm, we show that our proposal is able to withstand the chosen plaintext attack.
Lina Dindiene, Aleksejus Mihalkovich, Kestutis Luksys, Eligijus Sakalauskas | work_lo3dqtkvz5e2fgwdkyfvhc5rma | Sat, 18 Jun 2022 00:00:00 GMT

Verifiable Quantum Advantage without Structure
https://scholar.archive.org/work/lm5w3p62lvawpclekske5xvjq4
We show the following hold, unconditionally unless otherwise stated, relative to a random oracle with probability 1:
- There are NP search problems solvable by BQP machines but not BPP machines.
- There exist functions that are one-way, and even collision resistant, against classical adversaries but are easily inverted quantumly. Similar separations hold for digital signatures and CPA-secure public key encryption (the latter requiring the assumption of a classically CPA-secure encryption scheme). Interestingly, the separation does not necessarily extend to the case of other cryptographic objects such as PRGs.
- There are unconditional publicly verifiable proofs of quantumness with the minimal rounds of interaction: for uniform adversaries, the proofs are non-interactive, whereas for non-uniform adversaries the proofs are two message public coin.
- Our results do not appear to contradict the Aaronson-Ambanis conjecture. Assuming this conjecture, there exist publicly verifiable certifiable randomness, again with the minimal rounds of interaction.
By replacing the random oracle with a concrete cryptographic hash function such as SHA2, we obtain plausible Minicrypt instantiations of the above results. Previous analogous results all required substantial structure, either in terms of highly structured oracles and/or algebraic assumptions in Cryptomania and beyond.
Takashi Yamakawa, Mark Zhandry | work_lm5w3p62lvawpclekske5xvjq4 | Fri, 17 Jun 2022 00:00:00 GMT

A Review on Plastic Artificial Neural Networks: Exploring the Intersection between Neural Architecture Search and Continual Learning
https://scholar.archive.org/work/lvm5cl55krchzddnwea7ijawwm
Despite the significant advances achieved in Artificial Neural Networks (ANNs), their design process remains notoriously tedious, depending primarily on intuition, experience and trial-and-error. This human-dependent process is often time-consuming and prone to errors. Furthermore, the models are generally bound to their training contexts, with no considerations of changes to their surrounding environments. Continual adaptability and automation of neural networks is of paramount importance to several domains where model accessibility is limited after deployment (e.g., IoT devices, self-driving vehicles, etc.). Additionally, even accessible models require frequent maintenance post-deployment to overcome issues such as Concept/Data Drift, which can be cumbersome and restrictive. The current state of the art on adaptive ANNs is still a premature area of research; nevertheless, Neural Architecture Search (NAS), a form of AutoML, and Continual Learning (CL) have recently gained increasing momentum in the Deep Learning research field, aiming to provide more robust and adaptive ANN development frameworks. This study is the first extensive review on the intersection between AutoML and CL, outlining research directions for the different methods that can facilitate full automation and lifelong plasticity in ANNs.
Mohamed Shahawy, Elhadj Benkhelifa, David White | work_lvm5cl55krchzddnwea7ijawwm | Sat, 11 Jun 2022 00:00:00 GMT

Security and privacy of incentive-driven mechanisms
https://scholar.archive.org/work/ra53ow2y4jdu3eofhhubjy75qe
While cryptographic tools offer practical security and privacy supported by theory and formal proofs, there are often gaps between the theory and intricacies of the real world. This is especially apparent in the realm of game theoretic applications where protocol participants are motivated by incentives and preferences on the protocol outcome. These incentives can lead to additional requirements or unexpected attack vectors, making standard cryptographic concepts inapplicable. The goal of this thesis is to bridge some of the gaps between cryptography and incentive-driven mechanisms. The thesis will consist of three main research threads, each studying the privacy or security of a game-theoretic scenario in non-standard cryptographic frameworks in order to satisfy the scenario's unique requirements. Our first scenario is preference aggregation, where we will analyze the privacy of voting rules while requiring the rules to be deterministic. Then, we will study games, and how to achieve collusion-freeness (and its composable version, collusion-preservation) in the decentralized setting. Finally, we explore the robustness of Nakamoto-style proof-of-work blockchains against 51% attacks when the main security assumption of honest majority fails. Most of the results in this thesis are also published in the following (in order): Ch. 3: [103], Ch. 4: [47], and Ch. 5: [104]. Our first focus is preference aggregation—in particular voting rules. Specifically, we answer the crucial question: How private is the voting rule we use and the voting information we release? This natural and seemingly simple question was sidestepped in previous works, where randomization was added to voting rules in order to achieve the widely-known notion of differential privacy (DP). Yet, randomness in an election can be undesirable, and may alter voter incentives and strategies. In this chapter of our thesis, we expand and improve upon previous works and study deterministic voting rules. In a similarly well-accepted framework of distributional dif [...]
Yun Lu, University Of Edinburgh, Vassilis Zikas, Aggelos Kiayias | work_ra53ow2y4jdu3eofhhubjy75qe | Tue, 07 Jun 2022 00:00:00 GMT

Opto-MASS: a high-throughput engineering platform for genetically encoded fluorescent sensors enabling all-optical in vivo detection of monoamines and opioids
https://scholar.archive.org/work/gdbm63xxwnbcdlgm4nots3az3a
Fluorescent sensor proteins are instrumental for detecting biological signals in vivo with high temporal accuracy and cell-type specificity. However, engineering sensors with physiological ligand sensitivity and selectivity is difficult because they need to be optimized through individual mutagenesis in vitro to assess their performance. The vast mutational landscape of proteins constitutes an obstacle that slows down sensor development. This is particularly true for sensors that require mammalian host systems to be screened. Here, we developed a novel high-throughput engineering platform that functionally tests thousands of variants simultaneously in mammalian cells and thus allows the screening of large variant numbers. We showcase the capabilities of our platform, called Optogenetic Microwell Array Screening System (Opto-MASS), by engineering novel monoamine and neuropeptide in vivo capable sensors with distinct physiological roles at high-throughput.
Michael Rappleye, Adam Gordon-Fennel, Daniel C. Castro, Avi K. Matarasso, Catalina A. Zamorano, Sarah J. Wait, Justin D. Lee, Jamison C. Siebart, Azra Suko, Netta Smith, Jeanot Muster, Kenneth A Matreyek, Douglas M. Fowler, Garrett D. Stuber, Michael R. Bruchas, Andre Berndt | work_gdbm63xxwnbcdlgm4nots3az3a | Thu, 02 Jun 2022 00:00:00 GMT

Review of Chosen Isogeny-Based Cryptographic Schemes
https://scholar.archive.org/work/u3c5bquhw5gm5bdwnckno5lz6y
Public-key cryptography provides security for digital systems and communication. Traditional cryptographic solutions are constantly improved, e.g., to suppress brute-force attacks. However, Shor's algorithm suited for quantum computers can break the bedrock of most currently used systems, i.e., the RSA problem and discrete logarithm problem. Post-quantum cryptography can withstand attacks carried out by quantum computers. Several families of post-quantum systems exist; one of them is isogeny-based cryptography. As a main contribution, in this paper, we provide a survey of chosen, fundamental isogeny-based schemes. The target audience of this review is researchers interested in practical aspects of this field of cryptography; therefore the survey contains exemplary implementations. Our goal was not to develop an efficient implementation, but to provide materials that make it easier to analyze isogeny-based cryptography.
Bartosz Drzazga, Łukasz Krzywiecki | work_u3c5bquhw5gm5bdwnckno5lz6y | Tue, 31 May 2022 00:00:00 GMT

Image Encryption Algorithm Based on Artificial Bee Colony Algorithm and Chaotic System
https://scholar.archive.org/work/52lbnnnqe5dqpoxcndphgrqwmm
This article proposes an image encryption algorithm based on a chaotic bit-plane decomposition and optimization algorithm of a crossover operator artificial bee colony algorithm. Firstly, use the SHA-256 hash algorithm to calculate the plaintext image's hash value as the starting value of the fractional Lorenz hyperchaotic system after operation. Utilize the chaotic sequence to permute the plaintext image in a bit plane to obtain the scrambled image. Secondly, block the scrambled image into four subimages of equal size, and count the hash value of each row of each block by the SHA-256 hash algorithm as the starting value of the Sine-Tent-Logistic chaotic system. Use the obtained chaotic sequence to substitute the images. Then, stitch the four sub-block images to get the final encrypted image, and the population is obtained. Finally, use the information entropy of the ciphertext image as the fitness function of the artificial bee colony algorithm based on a crossover operator. Select the ciphertext image with the best information entropy from the population as the optimal encrypted image, and then, return the position value of the best honey source meanwhile. The experimental simulation and security analysis indicate that the scheme has an excellent encryption effect and ability to oppose various general attacks.
Yanqi Zhou, Erfu Wang, Xiaomeng Song, Mengna Shi, Xingsi Xue | work_52lbnnnqe5dqpoxcndphgrqwmm | Wed, 18 May 2022 00:00:00 GMT

Almost Universally Optimal Distributed Laplacian Solvers via Low-Congestion Shortcuts
https://scholar.archive.org/work/dfc6qfzoyjbpzk6xodsotkknzy
In this paper, we refine the (almost) existentially optimal distributed Laplacian solver recently developed by Forster, Goranci, Liu, Peng, Sun, and Ye (FOCS '21) into an (almost) universally optimal distributed Laplacian solver. Specifically, when the topology is known, we show that any Laplacian system on an n-node graph with shortcut quality SQ(G) can be solved within n^{o(1)} SQ(G) log(1/ε) rounds, where ε is the required accuracy. This almost matches our lower bound which guarantees that any correct algorithm on G requires Ω(SQ(G)) rounds, even for a crude solution with ε ≤ 1/2. Even in the unknown-topology case (i.e., standard CONGEST), the same bounds also hold in most networks of interest. Furthermore, conditional on conjectured improvements in state-of-the-art constructions of low-congestion shortcuts, the CONGEST results will match the known-topology ones. Moreover, following a recent line of work in distributed algorithms, we consider a hybrid communication model which enhances CONGEST with limited global power in the form of the node-capacitated clique (NCC) model. In this model, we show the existence of a Laplacian solver with round complexity n^{o(1)} log(1/ε). The unifying thread of these results, and our main technical contribution, is the study of a novel congested generalization of the standard part-wise aggregation problem. We develop near-optimal algorithms for this primitive in the Supported-CONGEST model, almost-optimal algorithms in (standard) CONGEST, as well as a very simple algorithm for bounded-treewidth graphs with slightly worse bounds. This primitive can be readily used to accelerate the FOCS'21 Laplacian solver. We believe this primitive will find further independent applications.
Ioannis Anagnostides, Christoph Lenzen, Bernhard Haeupler, Goran Zuzic, Themis Gouleakis | work_dfc6qfzoyjbpzk6xodsotkknzy | Sat, 14 May 2022 00:00:00 GMT

On the Linear Components Space of S-boxes Generated by Orthogonal Cellular Automata
https://scholar.archive.org/work/v7ekikcxgjez5cmxljh27evh4e
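The abstract below reports that every S-box produced by the enumerated orthogonal-CA pairs turned out to be linear, and studies the linear components space of those S-boxes. The following is an added example, not code from the paper, showing the checks involved: deciding whether an S-box is affine, computing the set of output masks whose component function is affine (the linear components space, a GF(2)-subspace that is the whole space exactly when the S-box is affine), and the Walsh-transform nonlinearity that is zero whenever that space is non-trivial. The inputs are constructed: the published 4-bit PRESENT S-box as a nonlinear reference, and a hypothetical 6-bit linear bijection x ↦ x ⊕ (x ≪ 1) mod 2^6 standing in for an OCA-generated S-box (it is not one of the paper's S-boxes).

```python
# Added example (not the paper's code): affinity test, linear components space
# and nonlinearity of an S-box, the checks behind the abstract's finding that
# the enumerated OCA S-boxes are all linear.
from itertools import product

# Constructed inputs. PRESENT's 4-bit S-box is a standard published table and
# serves as the nonlinear reference; LIN6 is a hypothetical 6-bit linear
# bijection (multiplication by 1+X in GF(2)[X]/(X^6)), not an OCA S-box.
PRESENT = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
           0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
LIN6 = [x ^ ((x << 1) & 0x3F) for x in range(64)]


def parity(x: int) -> int:
    """GF(2) inner product helper: parity of the set bits of x."""
    return bin(x).count("1") & 1


def is_permutation(sbox) -> bool:
    return sorted(sbox) == list(range(len(sbox)))


def is_affine_function(f) -> bool:
    """f is a truth table indexed by x. f is affine over GF(2) iff
    f(x) + f(y) + f(x xor y) + f(0) = 0 for all x, y."""
    size = len(f)
    return all(f[x] ^ f[y] ^ f[x ^ y] ^ f[0] == 0
               for x, y in product(range(size), repeat=2))


def component(sbox, mask: int):
    """Boolean component function x -> <mask, S(x)>."""
    return [parity(mask & s) for s in sbox]


def is_affine_sbox(sbox) -> bool:
    """An S-box is affine iff each coordinate function is affine."""
    n = len(sbox).bit_length() - 1
    return all(is_affine_function(component(sbox, 1 << i)) for i in range(n))


def linear_components(sbox):
    """Output masks a for which a.S is affine. Contains 0, is closed under xor,
    and equals the whole space F_2^n exactly when the S-box is affine."""
    return {a for a in range(len(sbox)) if is_affine_function(component(sbox, a))}


def is_subspace(masks) -> bool:
    return 0 in masks and all(a ^ b in masks for a in masks for b in masks)


def nonlinearity(sbox) -> int:
    """min over nonzero masks a of 2^(n-1) - max_b |W_{a.S}(b)| / 2, where
    W is the Walsh transform; it is 0 iff some nonzero component is affine."""
    size = len(sbox)
    best = size
    for a in range(1, size):
        f = component(sbox, a)
        w_max = max(abs(sum(1 - 2 * (f[x] ^ parity(b & x)) for x in range(size)))
                    for b in range(size))
        best = min(best, size // 2 - w_max // 2)
    return best


if __name__ == "__main__":
    for name, box in [("PRESENT", PRESENT), ("LIN6", LIN6)]:
        print(name, "bijective:", is_permutation(box),
              "affine:", is_affine_sbox(box),
              "linear components:", len(linear_components(box)),
              "nonlinearity:", nonlinearity(box))
```

For a candidate confusion layer the useful output is the size of the linear components space: a single nonzero mask in it already gives a probability-one linear approximation of that component, which is the sense in which the abstract's S-boxes are unusable regardless of their other properties.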
We investigate S-boxes defined by pairs of Orthogonal Cellular Automata (OCA), motivated by the fact that such CA always define bijective vectorial Boolean functions, and could thus be interesting for the design of block ciphers. In particular, we perform an exhaustive search of all nonlinear OCA pairs of diameter d=4 and d=5, which generate S-boxes of size 6×6 and 8×8, respectively. Surprisingly, all these S-boxes turn out to be linear, and thus they are not useful for the design of confusion layers in block ciphers. However, a closer inspection of these S-boxes reveals a very interesting structure. Indeed, we remark that the linear components spaces of the OCA-based S-boxes found by our exhaustive search are themselves the kernels of linear CA, or, equivalently, polynomial codes. We finally classify the polynomial codes of the S-boxes obtained in our exhaustive search and observe that, in most cases, they actually correspond to the cyclic code with generator polynomial X^b+1, where b=d-1. Although these findings rule out the possibility of using OCA to design good S-boxes in block ciphers, they give nonetheless some interesting insights for a theoretical characterization of nonlinear OCA pairs, which is still an open question in general.
Luca Mariot, Luca Manzoni | work_v7ekikcxgjez5cmxljh27evh4e | Sat, 14 May 2022 00:00:00 GMT

Failing to hash into supersingular isogeny graphs
https://scholar.archive.org/work/47spzax6rbdjnefzo53nisufqy
An important open problem in supersingular isogeny-based cryptography is to produce, without a trusted authority, concrete examples of "hard supersingular curves," that is, concrete supersingular curves for which computing the endomorphism ring is as difficult as it is for random supersingular curves. Or, even better, to produce a hash function to the vertices of the supersingular ℓ-isogeny graph which does not reveal the endomorphism ring, or a path to a curve of known endomorphism ring. Such a hash function would open up interesting cryptographic applications. In this paper, we document a number of (thus far) failed attempts to solve this problem, in the hopes that we may spur further research, and shed light on the challenges and obstacles to this endeavour. The mathematical approaches contained in this article include: (i) iterative root-finding for the supersingular polynomial; (ii) gcds of specialized modular polynomials; (iii) using division polynomials to create small systems of equations; (iv) taking random walks in the isogeny graph of abelian surfaces; and (v) using quantum random walks.
Jeremy Booher, Ross Bowden, Javad Doliskani, Tako Boris Fouotsa, Steven D. Galbraith, Sabrina Kunzweiler, Simon-Philipp Merz, Christophe Petit, Benjamin Smith, Katherine E. Stange, Yan Bo Ti, Christelle Vincent, José Felipe Voloch, Charlotte Weitkämper, Lukas Zobernig | work_47spzax6rbdjnefzo53nisufqy | Sat, 30 Apr 2022 00:00:00 GMT

Entropy-Optimal Algorithms for Multiple-Choice Secretary
https://scholar.archive.org/work/3mmmh2pyinhzrcno2tajpcmk44
In this paper, we study the problem for the entropy of both admissible and optimal distributions of permutations to the multiple-choice secretary problem. In particular, we construct a distribution with entropy Θ(log log n) such that a deterministic threshold-based algorithm gives a nearly-optimal competitive ratio 1 - O(log k / k^{1/3}) for k = O((log n)^{3/14}). Our error is simultaneously nearly-optimal and with optimal entropy Θ(log log n). Our result improves in two ways the previous best construction by Kesselheim, Kleinberg and Niazadeh (KKN) [STOC'15] whose competitive ratio is 1 - O(1/k^{1/3}) - o(1). First, our solution works for an exponentially larger range of parameters k, compared with k = O((log log log n)^ε) in the work of KKN. Second, our algorithm is a simple deterministic single-threshold algorithm (only drawing a permutation from a stochastic uniform distribution), while the algorithm in KKN uses additional randomness. We also prove a new corresponding lower bound for entropy of optimal solutions to the k-secretary problem, matching the entropy of our algorithm. We further show the strength of our techniques by obtaining fine-grained results for optimal distributions of permutations for the classic secretary problem. For optimal entropy Θ(log log n), we precisely characterize the success probability of uniform distributions that is below, and close to, 1/e, and construct such distributions in polynomial time. We prove even higher entropy Θ(log n) suffices for a success probability above 1/e, but, no uniform probability distribution with small support and entropy strictly less than log n can have success probability above 1/e. For maximum entropy Θ(n log n), improving upon a result of Samuels from 1981, we find the precise formula for the optimal success probability of any secretary algorithm.
Mohammad Taghi Hajiaghayi, Dariusz R. Kowalski, Piotr Krysta, Jan Olkowski | work_3mmmh2pyinhzrcno2tajpcmk44 | Tue, 12 Apr 2022 00:00:00 GMT

Contributions to cryptanalysis: design and analysis of cryptographic hash functions
https://scholar.archive.org/work/aaeikqqwobampjdbdbyow2jwzi
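The abstract below extends rotational analysis to multiple modular additions and subtractions and derives formulae for the probability that the rotation property survives them. The following is an added example, not code from the thesis: it enumerates the rotational property of modular addition exhaustively for small word sizes, checks the two-operand case against the standard closed form (1 + 2^-r)(1 + 2^-(n-r))/4, and enumerates a chained three-operand sum to show why the multi-addition case needs its own formula rather than the square of the two-operand probability. Word sizes and rotation amounts are chosen for the example; the derivation in the docstring is the editor's, not the thesis's.

```python
# Added example (not the thesis's code): the rotational property of modular
# addition. Two-operand probabilities are checked exhaustively against the
# closed form; a chained three-operand sum is enumerated to show that it is
# not the square of the two-operand probability.
from fractions import Fraction
from itertools import product


def rotl(x: int, r: int, n: int) -> int:
    """Rotate an n-bit word left by r (0 < r < n)."""
    mask = (1 << n) - 1
    return ((x << r) | (x >> (n - r))) & mask


def rotational_count(n: int, r: int, k: int) -> int:
    """Number of k-tuples of n-bit words whose modular sum, rotated, equals the
    modular sum of the rotated words, i.e. the inputs for which a rotational
    pair survives the addition(s)."""
    mask = (1 << n) - 1
    hits = 0
    for words in product(range(1 << n), repeat=k):
        lhs = rotl(sum(words) & mask, r, n)
        rhs = sum(rotl(w, r, n) for w in words) & mask
        if lhs == rhs:
            hits += 1
    return hits


def rotational_probability(n: int, r: int, k: int) -> Fraction:
    """Exact probability over uniform n-bit operands (exhaustive, so keep n*k small)."""
    return Fraction(rotational_count(n, r, k), 1 << (n * k))


def two_operand_formula(n: int, r: int) -> Fraction:
    """Pr[(x + y) <<< r == (x <<< r) + (y <<< r)] = (1 + 2^-r)(1 + 2^-(n-r)) / 4.
    Rotation splits each word into its top r bits and its low n-r bits; the
    sum commutes with the rotation exactly when neither partial sum carries
    out, and a k-bit sum of two uniform values produces no carry with
    probability (1 + 2^-k) / 2."""
    def no_carry(bits: int) -> Fraction:
        return (1 + Fraction(1, 2 ** bits)) / 2
    return no_carry(r) * no_carry(n - r)


if __name__ == "__main__":
    for n, r in [(4, 1), (8, 1), (8, 3)]:
        print(n, r, rotational_probability(n, r, 2), two_operand_formula(n, r))
    # Chained x + y + z with n = 6, r = 2: independence would predict p^2,
    # but the carries of the three-operand partial sums are not independent.
    print(rotational_probability(6, 2, 3), two_operand_formula(6, 2) ** 2)
```

The exhaustive counts are only feasible for toy word sizes; their role is to validate a closed form before it is applied to the 32- or 64-bit additions of a real ARX primitive, which is the kind of check the thesis's formulae for multiple additions call for.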
"A cryptographic hash function is a mechanism producing a fixed-length output of a message of arbitrary length. It fulfils a collection of security requirements guaranteeing that a hash function does not introduce any weakness into the system to which it is applied. The example applications of cryptographic hash functions include digital signatures and message authentication codes. This thesis analyzes cryptographic hash functions and studies the design principles in the construction of secure cryptographic hash functions. We investigate the problem of building hash functions from block ciphers and the security properties of different structures used to design compression functions. We show that we can build open-key differential distinguishers for Crypton, Hierocrypt-3, SAFER++ and Square. We know that our attack on SAFER++ is the first rebound attack with standard differentials. To demonstrate the efficiency of proposed distinguishers, we provide formal proof of a lower bound for finding a differential pair that follows a truncated differential in the case of a random permutation. Our analysis shows that block ciphers used as the underlying primitive should also be analyzed in the open-key model to prevent possible collision attacks. We analyze the IDEA-based hash functions in a variety of cipher modes. We present practical complexity collision search attacks and preimage attacks, where we exploit a null weak-key and a new non-trivial property of IDEA. We prove that even if a cipher is considered secure in the secret-key model, one has to be very careful when using it as a building block in the hashing modes. Finally, we investigate the recent rotational analysis. We show how to extend the rotational analysis to subtractions, shifts, bit-wise Boolean functions, multi additions and multi subtractions. In particular, we develop formulae for calculation of probabilities of preserving the rotation property for multiple modular additions and subtractions. We examine S-functions and their application to the rotational [...]
Przemysław Szczepan Sokołowski | work_aaeikqqwobampjdbdbyow2jwzi | Mon, 28 Mar 2022 00:00:00 GMT

Quantum statistical mechanics of encryption: reaching the speed limit of classical block ciphers
https://scholar.archive.org/work/fp4xcwe3nbcbhnrcjo4xcoiokq
We cast encryption via classical block ciphers in terms of operator spreading in a dual space of Pauli strings, a formulation which allows us to characterize classical ciphers by using tools well known in the analysis of quantum many-body systems. We connect plaintext and ciphertext attacks to out-of-time order correlators (OTOCs) and quantify the quality of ciphers using measures of delocalization in string space such as participation ratios and corresponding entropies obtained from the wave function amplitudes in string space. The saturation of the string-space information entropy is accompanied by the vanishing of OTOCs. Together these signal irreversibility and chaos, which we take to be the defining properties of good classical ciphers. More precisely, we define a good cipher by requiring that the OTOCs vanish to exponential precision and that the string entropies saturate to the values associated with a random permutation, which are computed explicitly in the paper. We argue that these conditions can be satisfied by n-bit block ciphers implemented via random reversible circuits with O(n log n) gates arranged on a tree structure, with layers of n/3 3-bit gates, for which a "key" specifies uniquely the sequence of gates that comprise the circuit. We show that in order to reach this "speed limit" one must employ a three-stage circuit consisting of a stage implemented by layers of nonlinear gates that proliferate the number of strings, flanked by two other stages, each deploying layers of a special set of linear "inflationary" gates that accelerate the growth of small individual strings. A shallow, O(log n)-depth cipher of the type described here can be used in constructing a polynomial-overhead scheme for computation on encrypted data proposed in another publication as an alternative to Homomorphic Encryption.
Claudio Chamon, Eduardo R. Mucciolo, Andrei E. Ruckenstein | work_fp4xcwe3nbcbhnrcjo4xcoiokq | Sun, 06 Mar 2022 00:00:00 GMT

Post Quantum Cryptography: Techniques, Challenges, Standardization, and Directions for Future Research
https://scholar.archive.org/work/3hku2pmnozdobke6tb62wnwemq
The development of large quantum computers will have dire consequences for cryptography. Most of the symmetric and asymmetric cryptographic algorithms are vulnerable to quantum algorithms. Grover's search algorithm gives a square root time boost for the searching of the key in symmetric schemes like AES and 3DES. The security of asymmetric algorithms like RSA, Diffie Hellman, and ECC is based on the mathematical hardness of prime factorization and discrete logarithm. The best classical algorithms available take exponential time. Shor's factoring algorithm can solve the problems in polynomial time. Major breakthroughs in quantum computing will render all the present-day widely used asymmetric cryptosystems insecure. This paper analyzes the vulnerability of the classical cryptosystems in the context of quantum computers, discusses various post-quantum cryptosystem families, discusses the status of the NIST post-quantum cryptography standardization process, and finally provides a couple of future research directions in this field.
Ritik Bavdekar, Eashan Jayant Chopde, Ashutosh Bhatia, Kamlesh Tiwari, Sandeep Joshua Daniel, Atul | work_3hku2pmnozdobke6tb62wnwemq | Sun, 06 Feb 2022 00:00:00 GMT