551,059 research outputs found
Generic-case complexity, decision problems in group theory and random walks
We give a precise definition of ``generic-case complexity'' and show that for
a very large class of finitely generated groups the classical decision problems
of group theory - the word, conjugacy and membership problems - all have
linear-time generic-case complexity. We prove such theorems by using the theory
of random walks on regular graphs.Comment: Revised versio
Assessing security of some group based cryptosystems
One of the possible generalizations of the discrete logarithm problem to
arbitrary groups is the so-called conjugacy search problem (sometimes
erroneously called just the conjugacy problem): given two elements a, b of a
group G and the information that a^x=b for some x \in G, find at least one
particular element x like that. Here a^x stands for xax^{-1}. The computational
difficulty of this problem in some particular groups has been used in several
group based cryptosystems. Recently, a few preprints have been in circulation
that suggested various "neighbourhood search" type heuristic attacks on the
conjugacy search problem. The goal of the present survey is to stress a
(probably well known) fact that these heuristic attacks alone are not a threat
to the security of a cryptosystem, and, more importantly, to suggest a more
credible approach to assessing security of group based cryptosystems. Such an
approach should be necessarily based on the concept of the average case
complexity (or expected running time) of an algorithm.
These arguments support the following conclusion: although it is generally
feasible to base the security of a cryptosystem on the difficulty of the
conjugacy search problem, the group G itself (the "platform") has to be chosen
very carefully. In particular, experimental as well as theoretical evidence
collected so far makes it appear likely that braid groups are not a good choice
for the platform. We also reflect on possible replacements.Comment: 10 page
Parallel Algorithm and Dynamic Exponent for Diffusion-limited Aggregation
A parallel algorithm for ``diffusion-limited aggregation'' (DLA) is described
and analyzed from the perspective of computational complexity. The dynamic
exponent z of the algorithm is defined with respect to the probabilistic
parallel random-access machine (PRAM) model of parallel computation according
to , where L is the cluster size, T is the running time, and the
algorithm uses a number of processors polynomial in L\@. It is argued that
z=D-D_2/2, where D is the fractal dimension and D_2 is the second generalized
dimension. Simulations of DLA are carried out to measure D_2 and to test
scaling assumptions employed in the complexity analysis of the parallel
algorithm. It is plausible that the parallel algorithm attains the minimum
possible value of the dynamic exponent in which case z characterizes the
intrinsic history dependence of DLA.Comment: 24 pages Revtex and 2 figures. A major improvement to the algorithm
and smaller dynamic exponent in this versio
Secret Sharing Based on a Hard-on-Average Problem
The main goal of this work is to propose the design of secret sharing schemes
based on hard-on-average problems. It includes the description of a new
multiparty protocol whose main application is key management in networks. Its
unconditionally perfect security relies on a discrete mathematics problem
classiffied as DistNP-Complete under the average-case analysis, the so-called
Distributional Matrix Representability Problem. Thanks to the use of the search
version of the mentioned decision problem, the security of the proposed scheme
is guaranteed. Although several secret sharing schemes connected with
combinatorial structures may be found in the bibliography, the main
contribution of this work is the proposal of a new secret sharing scheme based
on a hard-on-average problem, which allows to enlarge the set of tools for
designing more secure cryptographic applications
- …