Asymptotically good binary linear codes with asymptotically good self-intersection spans

If C is a binary linear code, let C^2 be the linear code spanned by intersections of pairs of codewords of C. We construct an asymptotically good family of binary linear codes such that, for C ranging in this family, the C^2 also form an asymptotically good family. For this we use algebraic-geometry codes, concatenation, and a fair amount of bilinear algebra. More precisely, the two main ingredients used in our construction are, first, a description of the symmetric square of an odd degree extension field in terms only of field operations of small degree, and second, a recent result of Garcia-Stichtenoth-Bassa-Beelen on the number of points of curves on such an odd degree extension field.Comment: 18 pages; v2->v3: expanded introduction and bibliography + various minor change

Torsion Limits and Riemann-Roch Systems for Function Fields and Applications

The Ihara limit (or -constant) $A(q)$ has been a central problem of study in the asymptotic theory of global function fields (or equivalently, algebraic curves over finite fields). It addresses global function fields with many rational points and, so far, most applications of this theory do not require additional properties. Motivated by recent applications, we require global function fields with the additional property that their zero class divisor groups contain at most a small number of $d$-torsion points. We capture this by the torsion limit, a new asymptotic quantity for global function fields. It seems that it is even harder to determine values of this new quantity than the Ihara constant. Nevertheless, some non-trivial lower- and upper bounds are derived. Apart from this new asymptotic quantity and bounds on it, we also introduce Riemann-Roch systems of equations. It turns out that this type of equation system plays an important role in the study of several other problems in areas such as coding theory, arithmetic secret sharing and multiplication complexity of finite fields etc. Finally, we show how our new asymptotic quantity, our bounds on it and Riemann-Roch systems can be used to improve results in these areas.Comment: Accepted for publication in IEEE Transactions on Information Theory. This is an extended version of our paper in Proceedings of 31st Annual IACR CRYPTO, Santa Barbara, Ca., USA, 2011. The results in Sections 5 and 6 did not appear in that paper. A first version of this paper has been widely circulated since November 200

On products and powers of linear codes under componentwise multiplication

In this text we develop the formalism of products and powers of linear codes under componentwise multiplication. As an expanded version of the author's talk at AGCT-14, focus is put mostly on basic properties and descriptive statements that could otherwise probably not fit in a regular research paper. On the other hand, more advanced results and applications are only quickly mentioned with references to the literature. We also point out a few open problems. Our presentation alternates between two points of view, which the theory intertwines in an essential way: that of combinatorial coding, and that of algebraic geometry. In appendices that can be read independently, we investigate topics in multilinear algebra over finite fields, notably we establish a criterion for a symmetric multilinear map to admit a symmetric algorithm, or equivalently, for a symmetric tensor to decompose as a sum of elementary symmetric tensors.Comment: 75 pages; expanded version of a talk at AGCT-14 (Luminy), to appear in vol. 637 of Contemporary Math., AMS, Apr. 2015; v3: minor typos corrected in the final "open questions" sectio

Algebraic Techniques for Low Communication Secure Protocols

Internet communication is often encrypted with the aid of mathematical problems that are hard to solve. Another method to secure electronic communication is the use of a digital lock of which the digital key must be exchanged first. PhD student Robbert de Haan (CWI) researched models for a guaranteed safe communication between two people without the exchange of a digital key and without assumptions concerning the practical difficulty of solving certain mathematical problems. In ancient times Julius Caesar used secret codes to make his messages illegible for spies. He upped every letter of the alphabet with three positions: A became D, Z became C, and so on. Usually, cryptographers research secure communication between two people through one channel that can be monitored by malevolent people. De Haan studied the use of multiple channels. A minority of these channels may be in the hands of adversaries that can intercept, replace or block the message. He proved the most efficient way to securely communicate along these channels and thus solved a fundamental cryptography problem that was introduced almost 20 years ago by Dole, Dwork, Naor and Yung

On the complexity of arithmetic secret sharing

Since the mid 2000s, asymptotically-good strongly-multiplicative linear (ramp) secret sharing schemes over a fixed finite field have turned out as a central theoretical primitive in numerous constant-communication-rate results in multi-party cryptographic scenarios, and, surprisingly, in two-party cryptography as well. Known constructions of this most powerful class of arithmetic secret sharing schemes all rely heavily on algebraic geometry (AG), i.e., on dedicated AG codes based on asymptotically good towers of algebraic function fields defined over finite fields. It is a well-known open question since the first (explicit) constructions of such schemes appeared in CRYPTO 2006 whether the use of “heavy machinery” can be avoided here. i.e., the question is whether the mere existence of such schemes can also be proved by “elementary” techniques only (say, from classical algebraic coding theory), even disregarding effective construction. So far, there is no progress. In this paper we show the theoretical result that, (1) no matter whether this open question has an affirmative answer or not, these schemes can be constructed explicitly by elementary algorithms defined in terms of basic algebraic coding theory. This pertains to all relevant operations associated to such schemes, including, notably, the generation of an instance for a given number of players n, as well as error correction in the presence of corrupt shares. We further show that (2) the algorithms are quasi-linear time (in n); this is (asymptotically) significantly more efficient than the known constructions. That said, the analysis of the mere termination of these algorithms does still rely on algebraic geometry, in the sense that it requires “blackbox application” of suitable existence results for these schemes. Our method employs a nontrivial, novel adaptation of a classical (and ubiquitous) paradigm from coding theory that enables transformation of existence results on asymptotically good codes into explicit construction of such codes via concatenation, at some constant loss in parameters achieved. In a nutshell, our generating idea is to combine a cascade of explicit but “asymptotically-bad-yet-good-enough schemes” with an asymptotically good one in such a judicious way that the latter can be selected with exponentially small number of players in that of the compound scheme. This opens the door t

Asymptotically Good Multiplicative LSSS over Galois Rings and Applications to MPC over Z/ pkZ

We study information-theoretic multiparty computation (MPC) protocols over rings Z/ pkZ that have good asymptotic communication complexity for a large number of players. An important ingredient for such protocols is arithmetic secret sharing, i.e., linear secret-sharing schemes with multiplicative properties. The standard way to obtain these over fields is with a family of linear codes C, such that C, C⊥ and C2 are asymptotically good (strongly multiplicative). For our purposes here it suffices if the square code C2 is not the whole space, i.e., has codimension at least 1 (multiplicative). Our approach is to lift such a family of codes defined over a finite field F to a Galois ring, which is a local ring that has F as its residue field and that contains Z/ pkZ as a subring, and thus enables arithmetic that is compatible with both structures. Although arbitrary lifts preserve the distance and dual distance of a code, as we demonstrate with a counterexample, the multiplicative property is not preserved. We work around this issue by showing a dedicated lift that preserves self-orthogonality (as well as distance and dual distance), for p≥ 3. Self-orthogonal codes are multiplicative, therefore we can use existing results of asymptotically good self-dual codes over fields to obtain arithmetic secret sharing over Galois rings. For p= 2 we obtain multiplicativity by using existing techniques of secret-sharing using both C and C⊥, incurring a constant overhead. As a result, we obtain asymptotically good arithmetic secret-sharing schemes over Galois rings. With these schemes in hand, we extend existing field-based MPC protocols to obtain MPC over Z/ pkZ, in the setting of a submaximal adversary corrupting less than a fraction 1 / 2 - ε of the players, where ε> 0 is arbitrarily small. We consider 3 different corruption models. For passive and active security with abort, our protocols communicate O(n) bits per multiplication. For full security with guaranteed output delivery we use a preprocessing model and get O(n) bits per multiplication in the online phase and O(nlog n) bits per multiplication in the offline phase. Thus, we obtain true linear bit complexities, without the common assumption that the ring size depends on the number of players

An upper bound of Singleton type for componentwise products of linear codes

We give an upper bound that relates the minimum weight of a nonzero componentwise product of codewords from some given number of linear codes, with the dimensions of these codes. Its shape is a direct generalization of the classical Singleton bound.Comment: 9 pages; major improvements in v3: now works for an arbitrary number of codes, and the low-weight codeword can be taken in product form; submitted to IEEE Trans. Inform. Theor