
    Tensor-based trapdoors for CVP and their application to public key cryptography

    We propose two trapdoors for the Closest-Vector-Problem in lattices (CVP) related to the lattice tensor product. Using these trapdoors we set up a lattice-based cryptosystem which resembles the McEliece scheme.

    Solving the Shortest Vector Problem in Lattices Faster Using Quantum Search

    By applying Grover's quantum search algorithm to the lattice algorithms of Micciancio and Voulgaris, Nguyen and Vidick, Wang et al., and Pujol and Stehlé, we obtain improved asymptotic quantum results for solving the shortest vector problem. With quantum computers we can provably find a shortest vector in time $2^{1.799n + o(n)}$, improving upon the classical time complexity of $2^{2.465n + o(n)}$ of Pujol and Stehlé and the $2^{2n + o(n)}$ of Micciancio and Voulgaris, while heuristically we expect to find a shortest vector in time $2^{0.312n + o(n)}$, improving upon the classical time complexity of $2^{0.384n + o(n)}$ of Wang et al. These quantum complexities will be an important guide for the selection of parameters for post-quantum cryptosystems based on the hardness of the shortest vector problem. Comment: 19 page

    On the sphere-decoding algorithm I. Expected complexity

    The problem of finding the least-squares solution to a system of linear equations where the unknown vector is comprised of integers, but the matrix coefficient and given vector are comprised of real numbers, arises in many applications: communications, cryptography, GPS, to name a few. The problem is equivalent to finding the closest lattice point to a given point and is known to be NP-hard. In communications applications, however, the given vector is not arbitrary but rather is an unknown lattice point that has been perturbed by an additive noise vector whose statistical properties are known. Therefore, in this paper, rather than dwell on the worst-case complexity of the integer least-squares problem, we study its expected complexity, averaged over the noise and over the lattice. For the "sphere decoding" algorithm of Fincke and Pohst, we find a closed-form expression for the expected complexity, both for the infinite and finite lattice. It is demonstrated in the second part of this paper that, for a wide range of signal-to-noise ratios (SNRs) and numbers of antennas, the expected complexity is polynomial, in fact, often roughly cubic. Since many communications systems operate at noise levels for which the expected complexity turns out to be polynomial, this suggests that maximum-likelihood decoding, which was hitherto thought to be computationally intractable, can, in fact, be implemented in real time - a result with many practical implications

    Modelling avalanches in martensites

    Solids subject to continuous changes of temperature or mechanical load often exhibit discontinuous avalanche-like responses. For instance, avalanche dynamics have been observed during plastic deformation, fracture, domain switching in ferroic materials or martensitic transformations. The statistical analysis of avalanches reveals a very complex scenario with a distinctive lack of characteristic scales. Much effort has been devoted in the last decades to understand the origin and ubiquity of scale-free behaviour in solids and many other systems. This chapter reviews some efforts to understand the characteristics of avalanches in martensites through mathematical modelling. Comment: Chapter in the book "Avalanches in Functional Materials and Geophysics", edited by E. K. H. Salje, A. Saxena, and A. Planes. The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-45612-6_

    Server-Aided Revocable Predicate Encryption: Formalization and Lattice-Based Instantiation

    Efficient user revocation is a necessary but challenging problem in many multi-user cryptosystems. Among known approaches, server-aided revocation yields a promising solution, because it allows the major workloads of system users to be outsourced to a computationally powerful third party, called the server, whose only requirement is to carry out the computations correctly. Such a revocation mechanism was considered in the settings of identity-based encryption and attribute-based encryption by Qin et al. (ESORICS 2015) and Cui et al. (ESORICS 2016), respectively. In this work, we consider the server-aided revocation mechanism in the more elaborate setting of predicate encryption (PE). The latter, introduced by Katz, Sahai, and Waters (EUROCRYPT 2008), provides fine-grained and role-based access to encrypted data and can be viewed as a generalization of identity-based and attribute-based encryption. Our contribution is two-fold. First, we formalize the model of server-aided revocable predicate encryption (SR-PE), with rigorous definitions and security notions. Our model can be seen as a non-trivial adaptation of Cui et al.'s work into the PE context. Second, we put forward a lattice-based instantiation of SR-PE. The scheme employs the PE scheme of Agrawal, Freeman and Vaikuntanathan (ASIACRYPT 2011) and the complete subtree method of Naor, Naor, and Lotspiech (CRYPTO 2001) as the two main ingredients, which work smoothly together thanks to a few additional techniques. Our scheme is proven secure in the standard model (in a selective manner), based on the hardness of the Learning With Errors (LWE) problem. Comment: 24 page

    Rank, combinatorial cost and homology torsion growth in higher rank lattices

    We investigate the rank gradient and growth of torsion in homology in residually finite groups. As a tool, we introduce a new complexity notion for generating sets, using measured groupoids and combinatorial cost. As an application we prove the vanishing of the above invariants for Farber sequences of subgroups of right angled groups. A group is right angled if it can be generated by a sequence of elements of infinite order such that any two consecutive elements commute. Most non-uniform lattices in higher rank simple Lie groups are right angled. We provide the first examples of uniform (co-compact) right angled arithmetic groups in $\mathrm{SL}(n,\mathbb{R})$, $n \geq 3$, and $\mathrm{SO}(p,q)$ for some values of $p,q$. This is a class of lattices for which the Congruence Subgroup Property is not known in general. Using rigidity theory and the notion of invariant random subgroups it follows that both the rank gradient and the homology torsion growth vanish for an arbitrary sequence of subgroups in any right angled lattice in a higher rank simple Lie group. Comment: 29 pages, to appear in Duke Mat