Root finding with threshold circuits

We show that for any constant d, complex roots of degree d univariate rational (or Gaussian rational) polynomials---given by a list of coefficients in binary---can be computed to a given accuracy by a uniform TC^0 algorithm (a uniform family of constant-depth polynomial-size threshold circuits). The basic idea is to compute the inverse function of the polynomial by a power series. We also discuss an application to the theory VTC^0 of bounded arithmetic.Comment: 19 pages, 1 figur

Change of basis for m-primary ideals in one and two variables

Following recent work by van der Hoeven and Lecerf (ISSAC 2017), we discuss the complexity of linear mappings, called untangling and tangling by those authors, that arise in the context of computations with univariate polynomials. We give a slightly faster tangling algorithm and discuss new applications of these techniques. We show how to extend these ideas to bivariate settings, and use them to give bounds on the arithmetic complexity of certain algebras.Comment: In Proceedings ISSAC'19, ACM, New York, USA. See proceedings version for final formattin

Software for Exact Integration of Polynomials over Polyhedra

We are interested in the fast computation of the exact value of integrals of polynomial functions over convex polyhedra. We present speed ups and extensions of the algorithms presented in previous work. We present the new software implementation and provide benchmark computations. The computation of integrals of polynomials over polyhedral regions has many applications; here we demonstrate our algorithmic tools solving a challenge from combinatorial voting theory.Comment: Major updat

Cryptographic Pairings: Efficiency and DLP security

This thesis studies two important aspects of the use of pairings in cryptography, efficient algorithms and security. Pairings are very useful tools in cryptography, originally used for the cryptanalysis of elliptic curve cryptography, they are now used in key exchange protocols, signature schemes and Identity-based cryptography. This thesis comprises of two parts: Security and Efficient Algorithms. In Part I: Security, the security of pairing-based protocols is considered, with a thorough examination of the Discrete Logarithm Problem (DLP) as it occurs in PBC. Results on the relationship between the two instances of the DLP will be presented along with a discussion about the appropriate selection of parameters to ensure particular security level. In Part II: Efficient Algorithms, some of the computational issues which arise when using pairings in cryptography are addressed. Pairings can be computationally expensive, so the Pairing-Based Cryptography (PBC) research community is constantly striving to find computational improvements for all aspects of protocols using pairings. The improvements given in this section contribute towards more efficient methods for the computation of pairings, and increase the efficiency of operations necessary in some pairing-based protocol

A Fast Implementation of Elliptic Curve Cryptosystem with Prime Order Defined over F(p8)

Public key cryptosystem has many uses, such as to sign digitally, to realize electronic commerce. Especially, RSA public key cryptosystem has been the most widely used, but its key for ensuring sufficient security reaches about 2000 bits long. On the other hand, elliptic curve cryptosystem(ECC) has the same security level with about 7-fold smaller length key. Accordingly, ECC has been received much attention and implemented on various processors even with scarce computation resources. In this paper, we deal with an elliptic curve which is defined over extension field F(p2c) and has a prime order, where p is the characteristic and c is a non negative integer. In order to realize a fast software implementation of ECC adopting such an elliptic curve, a fast implementation method of definition field F(p2c) especially F(p8) is proposed by using a technique called successive extension. First, five fast implementation methods of base field F(p2) are introduced. In each base field implementation, calculation costs of F(p2)-arithmetic operations are evaluated by counting the numbers of F(p)-arithmetic operations. Next, a successive extension method which adopts a polynomial basis and a binomial as the modular polynomial is proposed with comparing to a conventional method. Finally, we choose two prime numbers as the characteristic, and consider several implementations for definition field F(p8) by using five base fields and two successive extension methods. Then, one of these implementations is especially selected and implemented on Toshiba 32-bit micro controller TMP94C251(20MHz) by using C language. By evaluating calculation times with comparing to previous works, we conclude that proposed method can achieve a fast implementation of ECC with a prime order

Ring-LWE Cryptography for the Number Theorist

In this paper, we survey the status of attacks on the ring and polynomial learning with errors problems (RLWE and PLWE). Recent work on the security of these problems [Eisentr\"ager-Hallgren-Lauter, Elias-Lauter-Ozman-Stange] gives rise to interesting questions about number fields. We extend these attacks and survey related open problems in number theory, including spectral distortion of an algebraic number and its relationship to Mahler measure, the monogenic property for the ring of integers of a number field, and the size of elements of small order modulo q.Comment: 20 Page