7,702 research outputs found
Decidability properties for fragments of CHR
We study the decidability of termination for two CHR dialects which,
similarly to the Datalog like languages, are defined by using a signature which
does not allow function symbols (of arity >0). Both languages allow the use of
the = built-in in the body of rules, thus are built on a host language that
supports unification. However each imposes one further restriction. The first
CHR dialect allows only range-restricted rules, that is, it does not allow the
use of variables in the body or in the guard of a rule if they do not appear in
the head. We show that the existence of an infinite computation is decidable
for this dialect. The second dialect instead limits the number of atoms in the
head of rules to one. We prove that in this case, the existence of a
terminating computation is decidable. These results show that both dialects are
strictly less expressive than Turing Machines. It is worth noting that the
language (without function symbols) without these restrictions is as expressive
as Turing Machines
A CCA2 Secure Variant of the McEliece Cryptosystem
The McEliece public-key encryption scheme has become an interesting
alternative to cryptosystems based on number-theoretical problems. Differently
from RSA and ElGa- mal, McEliece PKC is not known to be broken by a quantum
computer. Moreover, even tough McEliece PKC has a relatively big key size,
encryption and decryption operations are rather efficient. In spite of all the
recent results in coding theory based cryptosystems, to the date, there are no
constructions secure against chosen ciphertext attacks in the standard model -
the de facto security notion for public-key cryptosystems. In this work, we
show the first construction of a McEliece based public-key cryptosystem secure
against chosen ciphertext attacks in the standard model. Our construction is
inspired by a recently proposed technique by Rosen and Segev
HFR Code: A Flexible Replication Scheme for Cloud Storage Systems
Fractional repetition (FR) codes are a family of repair-efficient storage
codes that provide exact and uncoded node repair at the minimum bandwidth
regenerating point. The advantageous repair properties are achieved by a
tailor-made two-layer encoding scheme which concatenates an outer
maximum-distance-separable (MDS) code and an inner repetition code. In this
paper, we generalize the application of FR codes and propose heterogeneous
fractional repetition (HFR) code, which is adaptable to the scenario where the
repetition degrees of coded packets are different. We provide explicit code
constructions by utilizing group divisible designs, which allow the design of
HFR codes over a large range of parameters. The constructed codes achieve the
system storage capacity under random access repair and have multiple repair
alternatives for node failures. Further, we take advantage of the systematic
feature of MDS codes and present a novel design framework of HFR codes, in
which storage nodes can be wisely partitioned into clusters such that data
reconstruction time can be reduced when contacting nodes in the same cluster.Comment: Accepted for publication in IET Communications, Jul. 201
Concurrent Knowledge-Extraction in the Public-Key Model
Knowledge extraction is a fundamental notion, modelling machine possession of
values (witnesses) in a computational complexity sense. The notion provides an
essential tool for cryptographic protocol design and analysis, enabling one to
argue about the internal state of protocol players without ever looking at this
supposedly secret state. However, when transactions are concurrent (e.g., over
the Internet) with players possessing public-keys (as is common in
cryptography), assuring that entities ``know'' what they claim to know, where
adversaries may be well coordinated across different transactions, turns out to
be much more subtle and in need of re-examination. Here, we investigate how to
formally treat knowledge possession by parties (with registered public-keys)
interacting over the Internet. Stated more technically, we look into the
relative power of the notion of ``concurrent knowledge-extraction'' (CKE) in
the concurrent zero-knowledge (CZK) bare public-key (BPK) model.Comment: 38 pages, 4 figure
Simultaneous Finite Automata: An Efficient Data-Parallel Model for Regular Expression Matching
Automata play important roles in wide area of computing and the growth of
multicores calls for their efficient parallel implementation. Though it is
known in theory that we can perform the computation of a finite automaton in
parallel by simulating transitions, its implementation has a large overhead due
to the simulation. In this paper we propose a new automaton called simultaneous
finite automaton (SFA) for efficient parallel computation of an automaton. The
key idea is to extend an automaton so that it involves the simulation of
transitions. Since an SFA itself has a good property of parallelism, we can
develop easily a parallel implementation without overheads. We have implemented
a regular expression matcher based on SFA, and it has achieved over 10-times
speedups on an environment with dual hexa-core CPUs in a typical case.Comment: This paper has been accepted at the following conference: 2013
International Conference on Parallel Processing (ICPP- 2013), October 1-4,
2013 Ecole Normale Suprieure de Lyon, Lyon, Franc
On Constant-Round Concurrent Zero-Knowledge from a Knowledge Assumption
In this work, we consider the long-standing open question of constructing
constant-round concurrent zero-knowledge protocols in the plain model.
Resolving this question is known to require non-black-box techniques.
We consider non-black-box techniques for zero-knowledge based on knowledge
assumptions, a line of thinking initiated by the work of Hada and Tanaka
(CRYPTO 1998). Prior to our work, it was not known whether knowledge
assumptions could be used for achieving security in the concurrent setting, due
to a number of significant limitations that we discuss here. Nevertheless, we
obtain the following results:
1. We obtain the first constant round concurrent zero-knowledge argument for
\textbf{NP} in the plain model based on a new variant of knowledge of exponent
assumption. Furthermore, our construction avoids the inefficiency inherent in
previous non-black-box techniques such that those of Barak (FOCS 2001); we
obtain our result through an efficient protocol compiler.
2. Unlike Hada and Tanaka, we do not require a knowledge assumption to argue
the soundness of our protocol. Instead, we use a discrete log like assumption,
which we call Diffie-Hellman Logarithm Assumption, to prove the soundness of
our protocol.
3. We give evidence that our new variant of knowledge of exponent assumption
is in fact plausible. In particular, we show that our assumption holds in the
generic group model.
4. Knowledge assumptions are especially delicate assumptions whose
plausibility may be hard to gauge. We give a novel framework to express
knowledge assumptions in a more flexible way, which may allow for formulation
of plausible assumptions and exploration of their impact and application in
cryptography.Comment: 30 pages, 3 figure
- …