Linear Time Interactive Certificates for the Minimal Polynomial and the Determinant of a Sparse Matrix

International audienceComputational problem certificates are additional data structures for each output, which can be used by a—possibly randomized—verification algorithm that proves the correctness of each output. In this paper, we give an algorithm that computes a certificate for the minimal polynomial of sparse or structured n×n matrices over an abstract field, of sufficiently large cardinality, whose Monte Carlo verification complexity requires a single matrix-vector multiplication and a linear number of extra field operations. We also propose a novel preconditioner that ensures irreducibility of the characteristic polynomial of the generically preconditioned matrix. This preconditioner takes linear time to be applied and uses only two random entries. We then combine these two techniques to give algorithms that compute certificates for the determinant, and thus for the characteristic polynomial, whose Monte Carlo verification complexity is therefore also linear

One-Out-of-Many Proofs: Or How to Leak a Secret and Spend a Coin

We construct a 3-move public coin special honest verifier zero-knowledge proof, a so-called Sigma-protocol, for a list of commitments having at least one commitment that opens to 0. It is not required for the prover to know openings of the other commitments. The proof system is efficient, in particular in terms of communication requiring only the transmission of a logarithmic number of commitments. We use our proof system to instantiate both ring signatures and zerocoin, a novel mechanism for bitcoin privacy. We use our Sigma-protocol as a (linkable) ad-hoc group identification scheme where the users have public keys that are commitments and demonstrate knowledge of an opening for one of the commitments to unlinkably identify themselves (once) as belonging to the group. Applying the Fiat-Shamir transform on the group identification scheme gives rise to ring signatures, applying it to the linkable group identification scheme gives rise to zerocoin. Our ring signatures are very small compared to other ring signature schemes and we only assume the users’ secret keys to be the discrete logarithms of single group elements so the setup is quite realistic. Similarly, compared with the original zerocoin protocol we only rely on a weak cryptographic assumption and do not require a trusted setup. A third application of our Sigma protocol is an efficient proof of membership of a secret committed value belonging to a public list of values

Efficient solvers for hybridized three-field mixed finite element coupled poromechanics

We consider a mixed hybrid finite element formulation for coupled poromechanics. A stabilization strategy based on a macro-element approach is advanced to eliminate the spurious pressure modes appearing in undrained/incompressible conditions. The efficient solution of the stabilized mixed hybrid block system is addressed by developing a class of block triangular preconditioners based on a Schur-complement approximation strategy. Robustness, computational efficiency and scalability of the proposed approach are theoretically discussed and tested using challenging benchmark problems on massively parallel architectures

Introduction to multigrid methods

These notes were written for an introductory course on the application of multigrid methods to elliptic and hyperbolic partial differential equations for engineers, physicists and applied mathematicians. The use of more advanced mathematical tools, such as functional analysis, is avoided. The course is intended to be accessible to a wide audience of users of computational methods. We restrict ourselves to finite volume and finite difference discretization. The basic principles are given. Smoothing methods and Fourier smoothing analysis are reviewed. The fundamental multigrid algorithm is studied. The smoothing and coarse grid approximation properties are discussed. Multigrid schedules and structured programming of multigrid algorithms are treated. Robustness and efficiency are considered

The location of roots of equations with particular reference to the generalized eigenvalue problem

A survey is presented of algorithms which are in current use for the solution of a single algebraic or transcendental equation in one unknown, together with an appraisal of their practical performance. The first part of the thesis consists of an account of the theoretical basis of a number of iterative methods and an examination of the problems to be overcome in order to achieve a successful computer implementation. In the selection of specific programs for testing, the emphasis has been placed on methods which are suitable for use, in conjunction with determinant evaluation, for the solution of standard eigenvalue problems and generalized problems of the form A(λ)x = O, where the elements of A are linear or non-linear functions of λ. The principal requirements for such purposes are that: 1. the algorithm should not be restricted to polynomial equations 2. derivative evaluation should not be required. Examples of eigenvalue problems arising from engineering applications illustrate the potential difficulties of determining roots. Particular attention is given to the problem of calculating a number of roots in cases where a priori estimates for each root are not available. The discussion is extended to give a brief account of possible approaches to the problem of locating complex roots. Interpolation methods are found to be particularly versatile and can be recommended for their accuracy and efficiency. It is also suggested that such algorithms may often be employed as search strategies in the absence of good initial estimates of the roots. Mention is also made of those features of practical implementation which were found to be particularly useful, together with a list of some outstanding difficulties, associated principally with the automatic computation of several roots of an equation

Multilinear Maps in Cryptography

Multilineare Abbildungen spielen in der modernen Kryptographie eine immer bedeutendere Rolle. In dieser Arbeit wird auf die Konstruktion, Anwendung und Verbesserung von multilinearen Abbildungen eingegangen