IA Scholar Query: The optimal LLL algorithm is still polynomial in fixed dimension.
https://scholar.archive.org/
Internet Archive Scholar query results feed (info@archive.org), Mon, 26 Sep 2022 00:00:00 GMT

Equations for a K3 Lehmer map
https://scholar.archive.org/work/qi6wsa2aujaulief7kuwssa264
McMullen proved that there exists an automorphism of minimal topological entropy on a projective K3 surface. We derive equations for the surface and its automorphism. We reconstruct the surface and its automorphism from the Hodge theoretic model provided by McMullen. The approach is computer aided and relies on finite non-symplectic automorphisms, p-adic lifting, elliptic fibrations and the Kneser neighbor method for integer lattices.
Simon Brandhorst, Noam D. Elkies. Mon, 26 Sep 2022 00:00:00 GMT

Minimizing Convex Functions with Rational Minimizers
https://scholar.archive.org/work/5kftfwze7jf6bilgtmwu3up65u
Given a separation oracle 𝖲𝖮 for a convex function f defined on ℝ^n that has an integral minimizer inside a box with radius R, we show how to find an exact minimizer of f using at most (a) O(n (n loglog(n)/log(n) + log(R))) calls to 𝖲𝖮 and 𝗉𝗈𝗅𝗒(n, log(R)) arithmetic operations, or (b) O(n log(nR)) calls to 𝖲𝖮 and exp(O(n)) · 𝗉𝗈𝗅𝗒(log(R)) arithmetic operations. When the set of minimizers of f has integral extreme points, our algorithm outputs an integral minimizer of f. This improves upon the previously best oracle complexity of O(n^2 (n + log(R))) for polynomial time algorithms and O(n^2 log(nR)) for exponential time algorithms obtained by [Grötschel, Lovász and Schrijver, Prog. Comb. Opt. 1984, Springer 1988] over thirty years ago. Our improvement on Grötschel, Lovász and Schrijver's result generalizes to the setting where the set of minimizers of f is a rational polyhedron with bounded vertex complexity. For the Submodular Function Minimization problem, our result immediately implies a strongly polynomial algorithm that makes at most O(n^3 loglog(n)/log(n)) calls to an evaluation oracle, and an exponential time algorithm that makes at most O(n^2 log(n)) calls to an evaluation oracle. These improve upon the previously best O(n^3 log^2(n)) oracle complexity for strongly polynomial algorithms given in [Lee, Sidford and Wong, FOCS 2015] and [Dadush, Végh and Zambelli, SODA 2018], and an exponential time algorithm with oracle complexity O(n^3 log(n)) given in the former work. Our result is achieved via a reduction to the Shortest Vector Problem in lattices. We analyze its oracle complexity using a potential function that simultaneously captures the size of the search set and the density of the lattice.
Haotian Jiang. Tue, 20 Sep 2022 00:00:00 GMT

The power of random information for numerical approximation and integration
https://scholar.archive.org/work/rpowpphs4rdvdnxobaqro54luu
This thesis investigates the quality of randomly collected data by employing a framework built on information-based complexity, a field related to the numerical analysis of abstract problems. The quality or power of gathered information is measured by its radius, which is the uniform error obtainable by the best possible algorithm using it. The main aim is to present progress towards understanding the power of random information for approximation and integration problems.
Mathias Sonnleitner. Thu, 15 Sep 2022 00:00:00 GMT

Isogenous hyperelliptic and non-hyperelliptic Jacobians with maximal complex multiplication
https://scholar.archive.org/work/zkzu5nberzeijflih6rl55gw2i
We analyze complex multiplication for Jacobians of curves of genus 3, as well as the resulting Shimura class groups and their subgroups corresponding to Galois conjugation over the reflex field. We combine our results with numerical methods to find CM fields K for which there exist both hyperelliptic and non-hyperelliptic curves whose Jacobian has complex multiplication by ℤ_K. More precisely, we find all sextic CM fields K in the LMFDB for which (heuristically) Jacobians of both types with CM by ℤ_K exist. There turn out to be 14 such fields among the 547,156 sextic CM fields that the LMFDB contains. We determine invariants of the corresponding curves, and in the simplest case we also give an explicit defining equation.
Bogdan Dina, Sorina Ionica, Jeroen Sijsling. Tue, 23 Aug 2022 00:00:00 GMT

On the computation of modular forms on noncongruence subgroups
https://scholar.archive.org/work/itla62eedrdgnfpb4hpq55fnva
We present two approaches that can be used to compute modular forms on noncongruence subgroups. The first approach uses Hejhal's method, for which we improve the arbitrary precision solving techniques so that the algorithm becomes up to about two orders of magnitude faster in practical computations. This allows us to obtain high precision numerical estimates of the Fourier coefficients from which the algebraic expressions can be identified using the LLL algorithm. The second approach is restricted to genus zero subgroups and uses efficient methods to compute the Belyi map from which the modular forms can be constructed.
David Berghaus, Hartmut Monien, Danylo Radchenko. Wed, 27 Jul 2022 00:00:00 GMT

Partons as unique ground states of quantum Hall parent Hamiltonians: The case of Fibonacci anyons
https://scholar.archive.org/work/zgbluxfvmzdrvb33s3nltqia44
We present microscopic, multiple Landau level, (frustration-free and positive semi-definite) parent Hamiltonians whose ground states, realizing different quantum Hall fluids, are parton-like and whose excitations display either Abelian or non-Abelian braiding statistics. We prove ground state energy monotonicity theorems for systems with different particle numbers in multiple Landau levels, demonstrate S-duality in the case of toroidal geometry, and establish complete sets of zero modes of special Hamiltonians stabilizing parton-like states, specifically at filling factor ν=2/3. The emergent Entangled Pauli Principle, which defines the "DNA" of the quantum Hall fluid, is behind the exact determination of the topological characteristics of the fluid, including charge and braiding statistics of excitations, and effective edge theory descriptions. When the closed-shell condition is satisfied, the densest (i.e., the highest density and lowest total angular momentum) zero-energy mode is a unique parton state. We conjecture that parton-like states generally span the subspace of many-body wave functions with the two-body M-clustering property within any given number of Landau levels, that is, wave functions with Mth-order coincidence plane zeroes and both holomorphic and anti-holomorphic dependence on variables. General arguments are supplemented by rigorous considerations for the M=3 case of fermions in four Landau levels. We apply the coherent state approach to show that the elementary (localized) bulk excitations are Fibonacci anyons. This demonstrates that the DNA associated with fractional quantum Hall states encodes all universal properties. Specifically, for parton-like states, we establish a link with tensor network structures of finite bond dimension that emerge via root level entanglement.
M. Tanhayi Ahari, S. Bandyopadhyay, Z. Nussinov, A. Seidel, G. Ortiz. Mon, 18 Jul 2022 00:00:00 GMT

SALSA: Attacking Lattice Cryptography with Transformers
https://scholar.archive.org/work/2ywnzlza6bgm5ga2utayscobv4
Currently deployed public-key cryptosystems will be vulnerable to attacks by full-scale quantum computers. Consequently, "quantum resistant" cryptosystems are in high demand, and lattice-based cryptosystems, based on a hard problem known as Learning With Errors (LWE), have emerged as strong contenders for standardization. In this work, we train transformers to perform modular arithmetic and combine half-trained models with statistical cryptanalysis techniques to propose SALSA: a machine learning attack on LWE-based cryptographic schemes. SALSA can fully recover secrets for small-to-mid size LWE instances with sparse binary secrets, and may scale to attack real-world LWE-based cryptosystems.
Emily Wenger, Mingjie Chen, François Charton, Kristin Lauter. Mon, 11 Jul 2022 00:00:00 GMT

Certifying Solution Geometry in Random CSPs: Counts, Clusters and Balance
https://scholar.archive.org/work/s672dzhss5dhjhtjvn5hrhicli
An active topic in the study of random constraint satisfaction problems (CSPs) is the geometry of the space of satisfying or almost satisfying assignments as a function of the density, for which a precise landscape of predictions has been made via statistical physics-based heuristics. In parallel, there has been a recent flurry of work on refuting random constraint satisfaction problems, via nailing refutation thresholds for spectral and semidefinite programming-based algorithms, and also on counting solutions to CSPs. Inspired by this, the starting point for our work is the following question: What does the solution space for a random CSP look like to an efficient algorithm? In pursuit of this inquiry, we focus on the following problems about random Boolean CSPs at the densities where they are unsatisfiable but no refutation algorithm is known.
1) Counts. For every Boolean CSP we give algorithms that with high probability certify a subexponential upper bound on the number of solutions. We also give algorithms to certify a bound on the number of large cuts in a Gaussian-weighted graph, and the number of large independent sets in a random d-regular graph.
2) Clusters. For Boolean 3CSPs we give algorithms that with high probability certify an upper bound on the number of clusters of solutions.
3) Balance. We also give algorithms that with high probability certify that there are no "unbalanced" solutions, i.e., solutions where the fraction of +1s deviates significantly from 50%.
Finally, we also provide hardness evidence suggesting that our algorithms for counting are optimal.
Jun-Ting Hsieh, Sidhanth Mohanty, Jeff Xu, Shachar Lovett. Mon, 11 Jul 2022 00:00:00 GMT

Explicit open images for elliptic curves over ℚ
https://scholar.archive.org/work/mhlw2vgalrgmld7vs6gdb6vvhi
For a non-CM elliptic curve E defined over ℚ, the Galois action on its torsion points gives rise to a Galois representation ρ_E: Gal(ℚ/ℚ) → GL_2(ℤ) that is unique up to isomorphism. A renowned theorem of Serre says that the image of ρ_E is an open, and hence finite index, subgroup of GL_2(ℤ). We describe an algorithm that computes the image of ρ_E up to conjugacy in GL_2(ℤ); this algorithm is practical and has been implemented. Up to a positive answer to a uniformity question of Serre and finding all the rational points on a finite number of explicit modular curves of genus at least 2, we give a complete classification of the groups ρ_E(Gal(ℚ/ℚ)) ∩ SL_2(ℤ) and the indices [GL_2(ℤ) : ρ_E(Gal(ℚ/ℚ))] for non-CM elliptic curves E/ℚ. Much of the paper is dedicated to the efficient computation of modular curves via modular forms expressed in terms of Eisenstein series.
David Zywina. Thu, 30 Jun 2022 00:00:00 GMT

Revisiting the Polynomial-Time Equivalence of Computing the CRT-RSA Secret Key and Factoring
https://scholar.archive.org/work/kcatyb4e35fwzdgoygocv4nfju
The Rivest–Shamir–Adleman (RSA) cryptosystem is currently the most influential and commonly used algorithm in public-key cryptography. Whether the security of RSA is equivalent to the intractability of the integer factorization problem is an interesting issue in mathematics and cryptography. Coron and May solved the above most fundamental problem and proved the polynomial-time equivalence of computing the RSA secret key and factoring. They demonstrated that the RSA modulus N=pq can be factored in polynomial time when given RSA key information (N,e,d). The CRT-RSA variant is a fast technical implementation of RSA using the Chinese Remainder Theorem (CRT), which aims to speed up the decryption process. We focus on the polynomial-time equivalence of computing the CRT-RSA secret key and factoring in this paper. With the help of the latest partial key exposure attack on CRT-RSA, we demonstrate that there exists a polynomial-time algorithm outputting the factorization of N=pq for ed_p, ed_q < N^(3/2) when given the CRT-RSA key information (N,e,d_p,d_q). We apply Coppersmith's lattice-based method as a basic mathematical tool for finding the small root solutions of modular polynomial equations. Furthermore, we provide validation experiments to illustrate the correctness of the CRT-RSA modulus factorization algorithm, and show that computing the CRT-RSA secret key and factoring its modulus is polynomial-time equivalent by using concrete numerical examples.
Mengce Zheng. Sun, 26 Jun 2022 00:00:00 GMT

List-Decodable Covariance Estimation
https://scholar.archive.org/work/idvhwlc6frbgffpjidml3xe7yy
We give the first polynomial time algorithm for list-decodable covariance estimation. For any α > 0, our algorithm takes as input a sample Y ⊆ ℝ^d of size n ≥ d^𝗉𝗈𝗅𝗒(1/α) obtained by adversarially corrupting (1-α)n points in an i.i.d. sample X of size n from the Gaussian distribution with unknown mean μ_* and covariance Σ_*. In n^𝗉𝗈𝗅𝗒(1/α) time, it outputs a constant-size list of k = k(α) = (1/α)^𝗉𝗈𝗅𝗒(1/α) candidate parameters that, with high probability, contains a (μ̂,Σ̂) such that the total variation distance TV(𝒩(μ_*,Σ_*), 𝒩(μ̂,Σ̂)) < 1-O_α(1). This is the statistically strongest notion of distance and implies multiplicative spectral and relative Frobenius distance approximation for parameters with dimension independent error. Our algorithm works more generally for (1-α)-corruptions of any distribution D that possesses low-degree sum-of-squares certificates of two natural analytic properties: 1) anti-concentration of one-dimensional marginals and 2) hypercontractivity of degree 2 polynomials. Prior to our work, the only known results for estimating covariance in the list-decodable setting were for the special cases of list-decodable linear regression and subspace recovery due to Karmarkar, Klivans, and Kothari (2019), Raghavendra and Yau (2019 and 2020) and Bakshi and Kothari (2020). These results need superpolynomial time for obtaining any subconstant error in the underlying dimension. Our result implies the first polynomial-time exact algorithm for list-decodable linear regression and subspace recovery that allows, in particular, to obtain 2^-𝗉𝗈𝗅𝗒(d) error in polynomial-time. Our result also implies an improved algorithm for clustering non-spherical mixtures.
Misha Ivkov, Pravesh K. Kothari. Wed, 22 Jun 2022 00:00:00 GMT

Tackling the veracity and variety of big data
https://scholar.archive.org/work/gha5bjvg2bci3o3faf4xlnru2u
This thesis tackles the veracity and variety challenges of big data, especially focusing on graphs and relational data. We start with proposing a class of graph association rules (GARs) to specify regularities between entities in graphs, which capture both missing links and inconsistencies. A GAR is a combination of a graph pattern and a dependency; it may take as predicates machine learning classifiers for link prediction. We formalize association deduction with GARs in terms of the chase, and prove its Church-Rosser property. We show that the satisfiability, implication and association deduction problems for GARs are coNP-complete, NP-complete and NP-complete, respectively. The incremental deduction problem is DP-complete for GARs. In addition, we provide parallel algorithms for association deduction and incremental deduction. We next develop a parallel algorithm to discover GARs, which applies an application-driven strategy to cut back rules and data that are irrelevant to users' interest, by training a machine learning model to identify data pertaining to a given application. Moreover, we introduce a sampling method to reduce a big graph G to a set H of small sample graphs. Given expected support and recall bounds, this method is able to deduce samples in H and mine rules from H to satisfy the bounds in the entire G. Then we propose a class of temporal association rules (TACOs) for event prediction in temporal graphs. TACOs are defined on temporal graphs in terms of change patterns and (temporal) conditions, and may carry machine learning predicates for temporal event prediction. We settle the complexity of reasoning about TACOs, including their satisfiability, implication and prediction problems. We develop a system that discovers TACOs by iteratively training a rule creator based on generative models in a creator-critic framework, and predicts events by applying the discovered TACOs in parallel. Finally, we propose an approach to querying relations D and graphs G taken together in SQL. The key idea is that if [...]
Ruochun Jin, University Of Edinburgh, Wenfei Fan, Leonid Libkin. Tue, 21 Jun 2022 00:00:00 GMT

Intelligent signal processing for digital healthcare monitoring
https://scholar.archive.org/work/5kyt7ntbmndhvnvpvi446gnjri
A healthy gait is a complex process that requires a balance between various neurophysiological systems in the body, and it is regarded as an essential indicator of a person's physical and cognitive health. Consequently, applications in bioinformatics and healthcare would benefit considerably from the information obtained by prolonged or continuous monitoring of people's gait, habits and behaviour under their natural living conditions and during their daily activities with the help of intelligent devices. Comparing inertial measurement and stationary sensor systems, the former offer excellent possibilities for gait analysis applications and provide several advantages such as small size, low price and mobility, and they are easy to integrate into wearable systems. The latter are regarded as the gold standard, but they are expensive and unsuitable for outdoor measurements. This work focuses on improving the time and quality of gait rehabilitation after surgery using inertial measurement units, by providing a novel metric for the objective assessment of gait rehabilitation progress in real-world environments and by reducing the number of sensors used for practical, real-world scenarios. Therefore, the experimental measurements for such an analysis were carried out in a highly controlled environment to ensure data quality. This work presents a new gait metric that quantifies and tracks rehabilitation progress on the basis of kinematic gait data from indoor and outdoor activities. This work investigates how signal processing and machine learning can be formulated and exploited to develop robust methods for coping with real-life challenges. It is shown that the proposed approach can be personalised to track the progress of gait rehabilitation. Another topic of this [...]
Javier Conte Alcaraz, Technische Informationsbibliothek (TIB). Fri, 17 Jun 2022 00:00:00 GMT

Signatures of the Yang-Mills deconfinement transition from the gluon two-point correlator
https://scholar.archive.org/work/2wwzncxgwjbznl5p7xyjbqb22m
We evaluate the longitudinal or (chromo-)electric Yang-Mills gluon propagator in the recently proposed center-symmetric Landau gauge at finite temperature [1]. To model the effect of the Gribov copies in the infrared, we use the Curci-Ferrari model which, in turn, allows us to rely on perturbative calculations. At one-loop order in the SU(2) case, the so-obtained longitudinal gluon propagator provides a clear signature for Z2 center-symmetry breaking with a singular behavior, characteristic of a continuous phase transition. This is in sharp contrast with what is found within the standard Landau gauge. We also identify various signatures for Z3 center-symmetry breaking in the SU(3) case in the form of genuine order parameters. Among those, we find that the gluon propagator, although degenerate along the diagonal color directions in the confining phase, becomes non-degenerate in the deconfined phase. Our results open new ways of identifying the transition from correlation functions both within continuum approaches and on the lattice.
Duifje Maria van Egmond, Urko Reinosa. Wed, 08 Jun 2022 00:00:00 GMT

Stabilizing the Laughlin state of light: dynamics of hole fractionalization
https://scholar.archive.org/work/fpo42gvqvrb7lfntplfvhbbucu
Particle loss is the ultimate challenge for preparation of strongly correlated many-body states of photons. An established way to overcome the loss is to employ a stabilization setup that autonomously injects new photons in place of the lost ones. However, as we show, the effectiveness of such a stabilization setup is compromised for fractional quantum Hall states. There, a hole formed by a lost photon can separate into several remote quasiholes, none of which can be refilled by injecting a photon locally. By deriving an exact expression for the steady-state density matrix, we demonstrate that isolated quasiholes proliferate in the steady state, which damages the quality of the state preparation. The motion of quasiholes leading to their separation is allowed by a repeated process in which a photon is first lost and then quickly refilled in the vicinity of the quasihole. We develop the theory of this dissipative quasihole dynamics and show that it has diffusive character. Our results demonstrate that fractionalization might present an obstacle for both creation and stabilization of strongly-correlated states with photons.
Pavel D. Kurilovich, Vladislav D. Kurilovich, José Lebreuilly, S. M. Girvin. Sun, 05 Jun 2022 00:00:00 GMT

Symbolic-Numeric Factorization of Differential Operators
https://scholar.archive.org/work/xkto3nlocbbmbl37xl27d2o3le
We present a symbolic-numeric Las Vegas algorithm for factoring Fuchsian ordinary differential operators with rational function coefficients. The new algorithm combines ideas of van Hoeij's "local-to-global" method and of the "analytic" approach proposed by van der Hoeven. It essentially reduces to the former in "easy" cases where the local-to-global method succeeds, and to an optimized variant of the latter in the "hardest" cases, while handling intermediate cases more efficiently than both.
Frédéric Chyzak. Fri, 03 Jun 2022 00:00:00 GMT

Variational quantum solutions to the Shortest Vector Problem
https://scholar.archive.org/work/aclszq7hb5azvjdfgmjhgnusvm
A fundamental computational problem is to find a shortest non-zero vector in Euclidean lattices, a problem known as the Shortest Vector Problem (SVP). This problem is believed to be hard even on quantum computers and thus plays a pivotal role in post-quantum cryptography. In this work we explore how (efficiently) Noisy Intermediate Scale Quantum (NISQ) devices may be used to solve SVP. Specifically, we map the problem to that of finding the ground state of a suitable Hamiltonian. In particular, (i) we establish new bounds for lattice enumeration; this allows us to obtain new bounds (resp. estimates) for the number of qubits required per dimension for any lattices (resp. random q-ary lattices) to solve SVP; (ii) we exclude the zero vector from the optimization space by proposing (a) a different classical optimisation loop or alternatively (b) a new mapping to the Hamiltonian. These improvements allow us to solve SVP in dimension up to 28 in a quantum emulation, significantly more than what was previously achieved, even for special cases. Finally, we extrapolate the size of NISQ devices that is required to be able to solve instances of lattices that are hard even for the best classical algorithms and find that with approximately 10^3 noisy qubits such instances can be tackled.
Martin R. Albrecht, Miloš Prokop, Yixin Shen, Petros Wallden. Fri, 20 May 2022 00:00:00 GMT

ℓ-adic images of Galois for elliptic curves over ℚ
https://scholar.archive.org/work/hsffaxpnkbc5bhcgk3y5kondom
We discuss the ℓ-adic case of Mazur's "Program B" over ℚ, the problem of classifying the possible images of ℓ-adic Galois representations attached to elliptic curves E over ℚ, equivalently, classifying the rational points on the corresponding modular curves. The primes ℓ=2 and ℓ≥13 are addressed by prior work, so we focus on the remaining primes ℓ = 3, 5, 7, 11. For each of these ℓ, we compute the directed graph of arithmetically maximal ℓ-power level modular curves X_H, compute explicit equations for all but three of them, and classify the rational points on all of them except X_ns^+(N), for N = 27, 25, 49, 121, and two level 49 curves of genus 9 whose Jacobians have analytic rank 9. Aside from the ℓ-adic images that are known to arise for infinitely many ℚ̅-isomorphism classes of elliptic curves E/ℚ, we find only 22 exceptional images that arise for any prime ℓ and any E/ℚ without complex multiplication; these exceptional images are realized by 20 non-CM rational j-invariants. We conjecture that this list of 22 exceptional images is complete and show that any counterexamples must arise from unexpected rational points on X_ns^+(ℓ) with ℓ≥19, or one of the six modular curves noted above. This yields a very efficient algorithm to compute the ℓ-adic images of Galois for any elliptic curve over ℚ. In an appendix with John Voight we generalize Ribet's observation that simple abelian varieties attached to newforms on Γ_1(N) are of GL_2-type; this extends Kolyvagin's theorem that analytic rank zero implies algebraic rank zero to isogeny factors of the Jacobian of X_H.
Jeremy Rouse, Andrew V. Sutherland, David Zureick-Brown. Mon, 16 May 2022 00:00:00 GMT

Compact and Efficient NTRU-based KEM with Scalable Ciphertext Compression
https://scholar.archive.org/work/muoo3rx66raqpgspttuyga6lr4
The NTRU lattice is a promising candidate to construct practical cryptosystems resistant to quantum computing attacks, and particularly plays a leading role in the ongoing NIST post-quantum cryptography standardization. On the one hand, it benefits from a strong security guarantee since it has essentially not been broken over 24 years. On the other hand, all the known patent threats against NTRU have expired, which is deemed a critical factor for consideration when deploying PQC algorithms in reality. Nevertheless, there are still some obstacles to the computational efficiency and bandwidth complexity of NTRU-based constructions of key encapsulation mechanisms (KEM). To address these issues, we propose a compact and efficient KEM based on the NTRU lattice, called CTRU, by introducing a scalable ciphertext compression technique. It demonstrates a new approach to decrypting NTRU ciphertext, where the plaintext message is recovered with the aid of our decoding algorithm in the scalable E_8 lattice. The instantiation of CTRU is over the NTT-friendly rings of the form ℤ_q[x]/(x^n - x^(n/2) + 1). To our knowledge, our CTRU is the most bandwidth efficient KEM based on the NTRU lattice up to now. In addition, compared to other NTRU-based KEM schemes, CTRU has stronger security against known attacks, enjoys a more robust CCA security reduction (starting from IND-CPA rather than OW-CPA), and its encapsulation and decapsulation processes are also among the most efficient. When compared to the NIST Round 3 finalist NTRU-HRSS, our CTRU-768 has 15% smaller ciphertext size and its security is strengthened by (45,40) bits for classical and quantum security respectively. When compared to the NIST Round 3 finalist Kyber that is based on the Module-LWE assumption, CTRU has both smaller bandwidth and lower error probabilities at about the same security level.
Zhichuang Liang, Boyue Fang, Jieyu Zheng, Yunlei Zhao. Wed, 11 May 2022 00:00:00 GMT

Delay Encryption by Cubing
https://scholar.archive.org/work/3tdavx3btrd3liuvje6fwt7ruu
Delay Encryption (often called Timed-Release Encryption) is a scheme in which a message is sent into the future by ensuring its confidentiality only for a given amount of time. We propose a new scheme based on a novel time-lock puzzle. This puzzle relies on the assumption that repeated squaring is an inherently sequential process. We perform an extensive and practical analysis of many classical and quantum attacks on our scheme and conclude that it is secure given some precautions.
Ivo Maffei, A. W. Roscoe. Wed, 11 May 2022 00:00:00 GMT