Computing the canonical representation of constructible sets

Constructible sets are needed in many algorithms of Computer Algebra, particularly in the GröbnerCover and other algorithms for parametric polynomial systems. In this paper we review the canonical form ofconstructible sets and give algorithms for computing it.Peer ReviewedPostprint (author's final draft

ADAM: Analysis of Discrete Models of Biological Systems Using Computer Algebra

Abstract Background Many biological systems are modeled qualitatively with discrete models, such as probabilistic Boolean networks, logical models, Petri nets, and agent-based models, to gain a better understanding of them. The computational complexity to analyze the complete dynamics of these models grows exponentially in the number of variables, which impedes working with complex models. There exist software tools to analyze discrete models, but they either lack the algorithmic functionality to analyze complex models deterministically or they are inaccessible to many users as they require understanding the underlying algorithm and implementation, do not have a graphical user interface, or are hard to install. Efficient analysis methods that are accessible to modelers and easy to use are needed. Results We propose a method for efficiently identifying attractors and introduce the web-based tool Analysis of Dynamic Algebraic Models (ADAM), which provides this and other analysis methods for discrete models. ADAM converts several discrete model types automatically into polynomial dynamical systems and analyzes their dynamics using tools from computer algebra. Specifically, we propose a method to identify attractors of a discrete model that is equivalent to solving a system of polynomial equations, a long-studied problem in computer algebra. Based on extensive experimentation with both discrete models arising in systems biology and randomly generated networks, we found that the algebraic algorithms presented in this manuscript are fast for systems with the structure maintained by most biological systems, namely sparseness and robustness. For a large set of published complex discrete models, ADAM identified the attractors in less than one second. Conclusions Discrete modeling techniques are a useful tool for analyzing complex biological systems and there is a need in the biological community for accessible efficient analysis tools. ADAM provides analysis methods based on mathematical algorithms as a web-based tool for several different input formats, and it makes analysis of complex models accessible to a larger community, as it is platform independent as a web-service and does not require understanding of the underlying mathematics

A Poly-algorithmic Approach to Quantifier Elimination

Cylindrical Algebraic Decomposition (CAD) was the first practical means for doing real quantifier elimination (QE), and is still a major method, with many improvements since Collins' original method. Nevertheless, its complexity is inherently doubly exponential in the number of variables. Where applicable, virtual term substitution (VTS) is more effective, turning a QE problem in $n$ variables to one in $n-1$ variables in one application, and so on. Hence there is scope for hybrid methods: doing VTS where possible then using CAD. This paper describes such a poly-algorithmic implementation, based on the second author's Ph.D. thesis. The version of CAD used is based on a new implementation of Lazard's recently-justified method, with some improvements to handle equational constraints

In Memory of Vladimir Gerdt

Center for Computational Methods in Applied Mathematics of RUDN, Professor V.P. Gerdt, whose passing was a great loss to the scientific center and the computer algebra community. The article provides biographical information about V.P. Gerdt, talks about his contribution to the development of computer algebra in Russia and the world. At the end there are the author’s personal memories of V.P. Gerdt.Настоящая статья - мемориальная, она посвящена памяти руководителя научного центра вычислительных методов в прикладной математике РУДН, профессора В.П. Гердта, чей уход стал невосполнимой потерей для научного центра и всего сообщества компьютерной алгебры. В статье приведены биографические сведения о В.П. Гердте, рассказано о его вкладе в развитие компьютерной алгебры в России и мире. В конце приведены личные воспоминания автора о В.П. Гердте

GeoGebra as a learning mathematical environment

GeoGebra, a software system for dynamic geometry and algebra in the plane, since its inception in 2001, has gone from a dynamic geometry software (DGS), to a powerful computational tool in several areas of mathematics. Powerful algebraic capabilities have joined GeoGebra, an efficient spreadsheet that can deal with many kinds of objects, an algebraic and symbolic calculation system and several graphical views that expand the possibility of multidimensional representations, namely, by using colouring domain techniques, expanded to representations in the Riemann sphere, making this DGS a powerful research tool in mathematics. On the other hand, GeoGebra can create applications easily and export to HTML, and the possibility to quickly integrating these applets in several web platforms provides this DGS with an excellent way to create strong collaborative environments to teach and learn mathematics. Recently was added to GeoGebra powerful capabilities that transform this software a real Learning Mathematical Environment, using the GeoGebraBooks and GeoGebraGroups, plain of collaborative functionality between students and teachers

Thomas Decomposition of Algebraic and Differential Systems

In this paper we consider disjoint decomposition of algebraic and non-linear partial differential systems of equations and inequations into so-called simple subsystems. We exploit Thomas decomposition ideas and develop them into a new algorithm. For algebraic systems simplicity means triangularity, squarefreeness and non-vanishing initials. For differential systems the algorithm provides not only algebraic simplicity but also involutivity. The algorithm has been implemented in Maple

Algebraic Cryptanalysis of Deterministic Symmetric Encryption

Deterministic symmetric encryption is widely used in many cryptographic applications. The security of deterministic block and stream ciphers is evaluated using cryptanalysis. Cryptanalysis is divided into two main categories: statistical cryptanalysis and algebraic cryptanalysis. Statistical cryptanalysis is a powerful tool for evaluating the security but it often requires a large number of plaintext/ciphertext pairs which is not always available in real life scenario. Algebraic cryptanalysis requires a smaller number of plaintext/ciphertext pairs but the attacks are often underestimated compared to statistical methods. In algebraic cryptanalysis, we consider a polynomial system representing the cipher and a solution of this system reveals the secret key used in the encryption. The contribution of this thesis is twofold. Firstly, we evaluate the performance of existing algebraic techniques with respect to number of plaintext/ciphertext pairs and their selection. We introduce a new strategy for selection of samples. We build this strategy based on cube attacks, which is a well-known technique in algebraic cryptanalysis. We use cube attacks as a fast heuristic to determine sets of plaintexts for which standard algebraic methods, such as Groebner basis techniques or SAT solvers, are more efficient. Secondly, we develop a~new technique for algebraic cryptanalysis which allows us to speed-up existing Groebner basis techniques. This is achieved by efficient finding special polynomials called mutants. Using these mutants in Groebner basis computations and SAT solvers reduces the computational cost to solve the system. Hence, both our methods are designed as tools for building polynomial system representing a cipher. Both tools can be combined and they lead to a significant speedup, even for very simple algebraic solvers

An introduction to interval-based constraint processing.

Constraint programming is often associated with solving problems over finite domains. Many applications in engineering, CAD and design, however, require solving problems over continuous (real-valued) domains. While simple constraint solvers can solve linear constraints with the inaccuracy of floating-point arithmetic, methods based on interval arithmetic allow exact (interval) solutions over a much wider range of problems. Applications of interval-based programming extend the range of solvable problems from non-linear polynomials up to those involving ordinary differential equations. In this text, we give an introduction to current approaches, methods and implementations of interval-based constraint programming and solving. Special care is taken to provide a uniform and consistent notation, since the literature in this field employs many seemingly different, but yet conceptually related, notations and terminology

Selected Topics in Cryptanalysis of Symmetric Ciphers

It is well established that a symmetric cipher may be described as a system of Boolean polynomials, and that the security of the cipher cannot be better than the difficulty of solving said system. Compressed Right-Hand Side (CRHS) Equations is but one way of describing a symmetric cipher in terms of Boolean polynomials. The first paper of this thesis provides a comprehensive treatment firstly of the relationship between Boolean functions in algebraic normal form, Binary Decision Diagrams and CRHS equations. Secondly, of how CRHS equations may be used to describe certain kinds of symmetric ciphers and how this model may be used to attempt a key-recovery attack. This technique is not left as a theoretical exercise, as the process have been implemented as an open-source project named CryptaPath. To ensure accessibility for researchers unfamiliar with algebraic cryptanalysis, CryptaPath can convert a reference implementation of the target cipher, as specified by a Rust trait, into the CRHS equations model automatically. CRHS equations are not limited to key-recovery attacks, and Paper II explores one such avenue of CRHS equations flexibility. Linear and differential cryptanalysis have long since established their position as two of the most important cryptanalytical attacks, and every new design since must show resistance to both. For some ciphers, like the AES, this resistance can be mathematically proven, but many others are left to heuristic arguments and computer aided proofs. This work is tedious, and most of the tools require good background knowledge of a tool/technique to transform a design to the right input format, with a notable exception in CryptaGraph. CryptaGraph is written in Rust and transforms a reference implementation into CryptaGraphs underlying data structure automatically. Paper II introduces a new way to use CRHS equations to model a symmetric cipher, this time in such a way that linear and differential trail searches are possible. In addition, a new set of operations allowing us to count the number of active S-boxes in a path is presented. Due to CRHS equations effective initial data compression, all possible trails are captured in the initial system description. As is the case with CRHS equations, the crux is the memory consumption. However, this approach also enables the graph of a CRHS equation to be pruned, allowing the memory consumption to be kept at manageable levels. Unfortunately, pruning nodes also means that we will lose valid, incomplete paths, meaning that the hulls found are probably incomplete. On the flip side, all paths, and their corresponding probabilities, found by the tool are guaranteed to be valid trails for the cipher. This theory is also implemented in an extension of CryptaPath, and the name is PathFinder. PathFinder is also able to automatically turn a reference implementation of a cipher into its CRHS equations-based model. As an additional bonus, PathFinder supports the reference implementation specifications specified by CryptaGraph, meaning that the same reference implementation can be used for both CryptaGraph and PathFinder. Paper III shifts focus onto symmetric ciphers designed to be used in conjunction with FHE schemes. Symmetric ciphers designed for this purpose are relatively new and have naturally had a strong focus on reducing the number of multiplications performed. A multiplication is considered expensive on the noise budget of the FHE scheme, while linear operations are viewed as cheap. These ciphers are all assuming that it is possible to find parameters in the various FHE schemes which allow these ciphers to work well in symbiosis with the FHE scheme. Unfortunately, this is not always possible, with the consequence that the decryption process becomes more costly than necessary. Paper III therefore proposes Fasta, a stream cipher which has its parameters and linear layer especially chosen to allow efficient implementation over the BGV scheme, particularly as implemented in the HElib library. The linear layers are drawn from a family of rotation-based linear transformations, as cyclic rotations are cheap to do in FHE schemes that allow packing of multiple plaintext elements in one FHE ciphertext. Fasta follows the same design philosophy as Rasta, and will never use the same linear layer twice under the same key. The result is a stream cipher tailor-made for fast evaluation in HElib. Fasta shows an improvement in throughput of a factor more than 7 when compared to the most efficient implementation of Rasta.Doktorgradsavhandlin