Revisiting the Sanders-Freiman-Ruzsa Theorem in Fpn\mathbb{F}_p^n and its Application to Non-malleable Codes

Non-malleable codes (NMCs) protect sensitive data against degrees of corruption that prohibit error detection, ensuring instead that a corrupted codeword decodes correctly or to something that bears little relation to the original message. The split-state model, in which codewords consist of two blocks, considers adversaries who tamper with either block arbitrarily but independently of the other. The simplest construction in this model, due to Aggarwal, Dodis, and Lovett (STOC'14), was shown to give NMCs sending k-bit messages to $O(k^7)$-bit codewords. It is conjectured, however, that the construction allows linear-length codewords. Towards resolving this conjecture, we show that the construction allows for code-length $O(k^5)$. This is achieved by analysing a special case of Sanders's Bogolyubov-Ruzsa theorem for general Abelian groups. Closely following the excellent exposition of this result for the group $\mathbb{F}_2^n$ by Lovett, we expose its dependence on $p$ for the group $\mathbb{F}_p^n$, where $p$ is a prime

On a conjecture of Marton

We prove a conjecture of K. Marton, widely known as the polynomial Freiman--Ruzsa conjecture, in characteristic $2$. The argument extends to odd characteristic, with details to follow in a subsequent paper.Comment: 33 pages, updated version now to be submitted for publicatio

The Kelley--Meka bounds for sets free of three-term arithmetic progressions

We give a self-contained exposition of the recent remarkable result of Kelley and Meka: if $A\subseteq \{1,\ldots,N\}$ has no non-trivial three-term arithmetic progressions then $\lvert A\rvert \leq \exp(-c(\log N)^{1/11})N$ for some constant $c>0$. Although our proof is identical to that of Kelley and Meka in all of the main ideas, we also incorporate some minor simplifications relating to Bohr sets. This eases some of the technical difficulties tackled by Kelley and Meka and widens the scope of their method. As a consequence, we improve the lower bounds for finding long arithmetic progressions in $A+A+A$, where $A\subseteq \{1,\ldots,N\}$.Comment: 20 page

Sampling-based proofs of almost-periodicity results and algorithmic applications

We give new combinatorial proofs of known almost-periodicity results for sumsets of sets with small doubling in the spirit of Croot and Sisask, whose almost-periodicity lemma has had far-reaching implications in additive combinatorics. We provide an alternative (and L^p-norm free) point of view, which allows for proofs to easily be converted to probabilistic algorithms that decide membership in almost-periodic sumsets of dense subsets of F_2^n. As an application, we give a new algorithmic version of the quasipolynomial Bogolyubov-Ruzsa lemma recently proved by Sanders. Together with the results by the last two authors, this implies an algorithmic version of the quadratic Goldreich-Levin theorem in which the number of terms in the quadratic Fourier decomposition of a given function is quasipolynomial in the error parameter, compared with an exponential dependence previously proved by the authors. It also improves the running time of the algorithm to have quasipolynomial dependence instead of an exponential one. We also give an application to the problem of finding large subspaces in sumsets of dense sets. Green showed that the sumset of a dense subset of F_2^n contains a large subspace. Using Fourier analytic methods, Sanders proved that such a subspace must have dimension bounded below by a constant times the density times n. We provide an alternative (and L^p norm-free) proof of a comparable bound, which is analogous to a recent result of Croot, Laba and Sisask in the integers.Comment: 28 page

Fourier sparsity, spectral norm, and the Log-rank conjecture

We study Boolean functions with sparse Fourier coefficients or small spectral norm, and show their applications to the Log-rank Conjecture for XOR functions f(x\oplus y) --- a fairly large class of functions including well studied ones such as Equality and Hamming Distance. The rank of the communication matrix M_f for such functions is exactly the Fourier sparsity of f. Let d be the F2-degree of f and D^CC(f) stand for the deterministic communication complexity for f(x\oplus y). We show that 1. D^CC(f) = O(2^{d^2/2} log^{d-2} ||\hat f||_1). In particular, the Log-rank conjecture holds for XOR functions with constant F2-degree. 2. D^CC(f) = O(d ||\hat f||_1) = O(\sqrt{rank(M_f)}\logrank(M_f)). We obtain our results through a degree-reduction protocol based on a variant of polynomial rank, and actually conjecture that its communication cost is already \log^{O(1)}rank(M_f). The above bounds also hold for the parity decision tree complexity of f, a measure that is no less than the communication complexity (up to a factor of 2). Along the way we also show several structural results about Boolean functions with small F2-degree or small spectral norm, which could be of independent interest. For functions f with constant F2-degree: 1) f can be written as the summation of quasi-polynomially many indicator functions of subspaces with \pm-signs, improving the previous doubly exponential upper bound by Green and Sanders; 2) being sparse in Fourier domain is polynomially equivalent to having a small parity decision tree complexity; 3) f depends only on polylog||\hat f||_1 linear functions of input variables. For functions f with small spectral norm: 1) there is an affine subspace with co-dimension O(||\hat f||_1) on which f is a constant; 2) there is a parity decision tree with depth O(||\hat f||_1 log ||\hat f||_0).Comment: v2: Corollary 31 of v1 removed because of a bug in the proof. (Other results not affected.

Structures linéaires dans les ensembles à faible densité

Réalisé en cotutelle avec l'Université Paris-Diderot.Nous présentons trois résultats en combinatoire additive, un domaine récent à la croisée de la combinatoire, l'analyse harmonique et la théorie analytique des nombres. Le thème unificateur de notre thèse est la détection de structures additives dans les ensembles arithmétiques à faible densité, avec un intérêt particulier pour les aspects quantitatifs. Notre première contribution est une estimation de densité améliorée pour le problème, initié entre autres par Bourgain, de trouver une longue progression arithmétique dans un ensemble somme triple. Notre deuxième résultat consiste en une généralisation des bornes de Sanders pour le théorème de Roth, du cas d'un ensemble dense dans les entiers à celui d'un ensemble à faible croissance additive dans un groupe abélien arbitraire. Finalement, nous étendons les meilleures bornes quantitatives connues pour le théorème de Roth dans les premiers, à tous les systèmes d'équations linéaires invariants par translation et de complexité un.We present three results in additive combinatorics, a recent field at the interface of combinatorics, harmonic analysis and analytic number theory. The unifying theme in our thesis is the detection of additive structure in arithmetic sets of low density, with an emphasis on quantitative aspects. Our first contribution is an improved density estimate for the problem, initiated by Bourgain and others, of finding a long arithmetic progression in a triple sumset. Our second result is a generalization of Sanders' bounds for Roth's theorem from the dense setting, to the setting of small doubling in an arbitrary abelian group. Finally, we extend the best known quantitative results for Roth's theorem in the primes, to all translation-invariant systems of equations of complexity one

Non-malleable Codes from Additive Combinatorics

Non-malleable codes provide a useful and meaningful security guarantee in situations where traditional error-correction (and even error-detection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely unrelated value. Although such codes do not exist if the family of tampering functions \cF is completely unrestricted, they are known to exist for many broad tampering families \cF. One such natural family is the family of tampering functions in the so called {\em split-state} model. Here the message m is encoded into two shares L and R, and the attacker is allowed to arbitrarily tamper with L and R {\em individually}. The split-state tampering arises in many realistic applications, such as the design of non-malleable secret sharing schemes, motivating the question of designing efficient non-malleable codes in this model. Prior to this work, non-malleable codes in the split-state model received considerable attention in the literature, but were either (1) constructed in the random oracle model [DPW10], or (2) relied on advanced cryptographic assumptions (such as non-interactive zero-knowledge proofs and leakage-resilient encryption) [LL12], or (3) could only encode 1-bit messages [DKO13]. As our main result, we build the first efficient, multi-bit, information-theoretically-secure non-malleable code in the split-state model. The heart of our construction uses the following new property of the inner-product function over the vector space F_p^n (for any prime p and large enough dimension n): if L and R are uniformly random over F_p^n, and f,g: F_p^n \rightarrow F_p^n are two arbitrary functions on L and R, the joint distribution (,) is ``close\u27\u27 to the convex combination of affine distributions {(U,c U+d)| c,d \in F_p}, where U is uniformly random in F_p. In turn, the proof of this surprising property of the inner product function critically relies on some results from additive combinatorics, including the so called {\em Quasi-polynomial Freiman-Ruzsa Theorem} (which was recently established by Sanders [San12] as a step towards resolving the Polynomial Freiman-Ruzsa conjecture [Gre05])