Improved Constructions of Frameproof Codes

Frameproof codes are used to preserve the security in the context of coalition when fingerprinting digital data. Let $M_{c,l}(q)$ be the largest cardinality of a $q$-ary $c$-frameproof code of length $l$ and $R_{c,l}=\lim_{q\rightarrow \infty}M_{c,l}(q)/q^{\lceil l/c\rceil}$. It has been determined by Blackburn that $R_{c,l}=1$ when $l\equiv 1\ (\bmod\ c)$, $R_{c,l}=2$ when $c=2$ and $l$ is even, and $R_{3,5}=5/3$. In this paper, we give a recursive construction for $c$-frameproof codes of length $l$ with respect to the alphabet size $q$. As applications of this construction, we establish the existence results for $q$-ary $c$-frameproof codes of length $c+2$ and size $\frac{c+2}{c}(q-1)^2+1$ for all odd $q$ when $c=2$ and for all $q\equiv 4\pmod{6}$ when $c=3$. Furthermore, we show that $R_{c,c+2}=(c+2)/c$ meeting the upper bound given by Blackburn, for all integers $c$ such that $c+1$ is a prime power.Comment: 6 pages, to appear in Information Theory, IEEE Transactions o

Fingerprinting Codes and Related Combinatorial Structures

Fingerprinting codes were introduced by Boneh and Shaw in 1998 as a method of copyright control. The desired properties of a good fingerprinting code has been found to have deep connections to combinatorial structures such as error-correcting codes and cover-free families. The particular property that motivated our research is called "frameproof". This has been studied extensively when the alphabet size q is at least as large as the colluder size w. Much less is known about the case q < w, and we prove several interesting properties about the binary case q = 2 in this thesis. When the length of the code N is relatively small, we have shown that the number of codewords n cannot exceed N, which is a tight bound since the n = N case can be satisfied a trivial construction using permutation matrices. Furthermore, the only possible candidates are equivalent to this trivial construction. Generalization to a restricted parameter set of separating hash families is also given. As a consequence, the above result motivates the question of when a non-trivial construction can be found, and we give some definitive answers by considering combinatorial designs. In particular, we give a necessary and sufficient condition for a symmetric design to be a binary 3-frameproof code, and provide example classes of symmetric designs that satisfy or fail this condition. Finally, we apply our results to a problem of constructing short binary frameproof codes

Separating hash families with large universe

Separating hash families are useful combinatorial structures which generalize several well-studied objects in cryptography and coding theory. Let $p_t(N, q)$ denote the maximum size of universe for a $t$-perfect hash family of length $N$ over an alphabet of size $q$. In this paper, we show that $q^{2-o(1)}<p_t(t, q)=o(q^2)$ for all $t\geq 3$, which answers an open problem about separating hash families raised by Blackburn et al. in 2008 for certain parameters. Previously, this result was known only for $t=3, 4$. Our proof is obtained by establishing the existence of a large set of integers avoiding nontrivial solutions to a set of correlated linear equations.Comment: 17 pages, no figur

Limits to Non-Malleability

There have been many successes in constructing explicit non-malleable codes for various classes of tampering functions in recent years, and strong existential results are also known. In this work we ask the following question: When can we rule out the existence of a non-malleable code for a tampering class ?? First, we start with some classes where positive results are well-known, and show that when these classes are extended in a natural way, non-malleable codes are no longer possible. Specifically, we show that no non-malleable codes exist for any of the following tampering classes: - Functions that change d/2 symbols, where d is the distance of the code; - Functions where each input symbol affects only a single output symbol; - Functions where each of the n output bits is a function of n-log n input bits. Furthermore, we rule out constructions of non-malleable codes for certain classes ? via reductions to the assumption that a distributional problem is hard for ?, that make black-box use of the tampering functions in the proof. In particular, this yields concrete obstacles for the construction of efficient codes for NC, even assuming average-case variants of P ? NC

The Range of Topological Effects on Communication

We continue the study of communication cost of computing functions when inputs are distributed among $k$ processors, each of which is located at one vertex of a network/graph called a terminal. Every other node of the network also has a processor, with no input. The communication is point-to-point and the cost is the total number of bits exchanged by the protocol, in the worst case, on all edges. Chattopadhyay, Radhakrishnan and Rudra (FOCS'14) recently initiated a study of the effect of topology of the network on the total communication cost using tools from $L_1$ embeddings. Their techniques provided tight bounds for simple functions like Element-Distinctness (ED), which depend on the 1-median of the graph. This work addresses two other kinds of natural functions. We show that for a large class of natural functions like Set-Disjointness the communication cost is essentially $n$ times the cost of the optimal Steiner tree connecting the terminals. Further, we show for natural composed functions like $\text{ED} \circ \text{XOR}$ and $\text{XOR} \circ \text{ED}$, the naive protocols suggested by their definition is optimal for general networks. Interestingly, the bounds for these functions depend on more involved topological parameters that are a combination of Steiner tree and 1-median costs. To obtain our results, we use some new tools in addition to ones used in Chattopadhyay et. al. These include (i) viewing the communication constraints via a linear program; (ii) using tools from the theory of tree embeddings to prove topology sensitive direct sum results that handle the case of composed functions and (iii) representing the communication constraints of certain problems as a family of collection of multiway cuts, where each multiway cut simulates the hardness of computing the function on the star topology