970 research outputs found
On the nonlinearity of monotone Boolean functions
We first prove the truthfulness of a conjecture on the nonlinearity of monotone Boolean functions in even dimension, proposed in the recent paper ``Cryptographic properties of monotone Boolean functions , by D. Joyner, P. Stanica, D. Tang and the author, to appear in the Journal of Mathematical Cryptology. We prove then an upper bound on such nonlinearity, which is asymptotically much stronger than the conjectured upper bound and than the upper bound proved for odd dimension in this same paper. This bound shows a deep weakness of monotone Boolean functions; they are too closely approximated by affine functions for being usable as nonlinear components in cryptographic applications. We deduce a necessary criterion to be satisfied by a Boolean (resp. vectorial) function for being nonlinear
Approximate resilience, monotonicity, and the complexity of agnostic learning
A function is -resilient if all its Fourier coefficients of degree at
most are zero, i.e., is uncorrelated with all low-degree parities. We
study the notion of of Boolean
functions, where we say that is -approximately -resilient if
is -close to a -valued -resilient function in
distance. We show that approximate resilience essentially characterizes the
complexity of agnostic learning of a concept class over the uniform
distribution. Roughly speaking, if all functions in a class are far from
being -resilient then can be learned agnostically in time and
conversely, if contains a function close to being -resilient then
agnostic learning of in the statistical query (SQ) framework of Kearns has
complexity of at least . This characterization is based on the
duality between approximation by degree- polynomials and
approximate -resilience that we establish. In particular, it implies that
approximation by low-degree polynomials, known to be sufficient for
agnostic learning over product distributions, is in fact necessary.
Focusing on monotone Boolean functions, we exhibit the existence of
near-optimal -approximately
-resilient monotone functions for all
. Prior to our work, it was conceivable even that every monotone
function is -far from any -resilient function. Furthermore, we
construct simple, explicit monotone functions based on and that are close to highly resilient functions. Our constructions are
based on a fairly general resilience analysis and amplification. These
structural results, together with the characterization, imply nearly optimal
lower bounds for agnostic learning of monotone juntas
Polynomial and Query Complexity of Minterm-Cyclic Functions
Boolean functions are at the heart of all computations, and all Boolean functions can be reduced to a sum of pattern-matching functions, called minterm-cyclic functions. In this thesis, we examine properties of polynomials representing minterm-cyclic Boolean functions. We use the term saturated to represent a polynomial with degree equal to input size n for all n; this indicates the intuitive notion that such functions are in some way complex, or difficult to compute. We present three main results. Firstly, there exist an infinite number of monotone minterm-cyclic functions that are not saturated. Secondly, for a specific class of minterms called self-avoiding minterms, we prove that the associated pattern-matching functions are not saturated; specifically, they can only have non-zero degree-n coefficients for n a multiple of the size of the minterm. Thirdly, for self-avoiding minterms that contain some \u27*\u27, the degree-n coefficients are always zero. These results may have implications in the fields of algebraic cryptographic attacks or efficiency of error-correcting codes
Fourier-based Function Secret Sharing with General Access Structure
Function secret sharing (FSS) scheme is a mechanism that calculates a
function f(x) for x in {0,1}^n which is shared among p parties, by using
distributed functions f_i:{0,1}^n -> G, where G is an Abelian group, while the
function f:{0,1}^n -> G is kept secret to the parties. Ohsawa et al. in 2017
observed that any function f can be described as a linear combination of the
basis functions by regarding the function space as a vector space of dimension
2^n and gave new FSS schemes based on the Fourier basis. All existing FSS
schemes are of (p,p)-threshold type. That is, to compute f(x), we have to
collect f_i(x) for all the distributed functions. In this paper, as in the
secret sharing schemes, we consider FSS schemes with any general access
structure. To do this, we observe that Fourier-based FSS schemes by Ohsawa et
al. are compatible with linear secret sharing scheme. By incorporating the
techniques of linear secret sharing with any general access structure into the
Fourier-based FSS schemes, we show Fourier-based FSS schemes with any general
access structure.Comment: 12 page
The power of negations in cryptography
The study of monotonicity and negation complexity for Bool-ean functions has been prevalent in complexity theory as well as in computational learning theory, but little attention has been given to it in the cryptographic context. Recently, Goldreich and Izsak (2012) have initiated a study of whether cryptographic primitives can be monotone, and showed that one-way functions can be monotone (assuming they exist), but a pseudorandom generator cannot.
In this paper, we start by filling in the picture and proving that many other basic cryptographic primitives cannot be monotone. We then initiate a quantitative study of the power of negations, asking how many negations are required. We provide several lower bounds, some of them tight, for various cryptographic primitives and building blocks including one-way permutations, pseudorandom functions, small-bias generators, hard-core predicates, error-correcting codes, and randomness extractors. Among our results, we highlight the following.
Unlike one-way functions, one-way permutations cannot be monotone.
We prove that pseudorandom functions require logn − O(1) negations (which is optimal up to the additive term).
We prove that error-correcting codes with optimal distance parameters require logn − O(1) negations (again, optimal up to the additive term).
We prove a general result for monotone functions, showing a lower bound on the depth of any circuit with t negations on the bottom that computes a monotone function f in terms of the monotone circuit depth of f. This result addresses a question posed by Koroth and Sarma (2014) in the context of the circuit complexity of the Clique problem
On SAT representations of XOR constraints
We study the representation of systems S of linear equations over the
two-element field (aka xor- or parity-constraints) via conjunctive normal forms
F (boolean clause-sets). First we consider the problem of finding an
"arc-consistent" representation ("AC"), meaning that unit-clause propagation
will fix all forced assignments for all possible instantiations of the
xor-variables. Our main negative result is that there is no polysize
AC-representation in general. On the positive side we show that finding such an
AC-representation is fixed-parameter tractable (fpt) in the number of
equations. Then we turn to a stronger criterion of representation, namely
propagation completeness ("PC") --- while AC only covers the variables of S,
now all the variables in F (the variables in S plus auxiliary variables) are
considered for PC. We show that the standard translation actually yields a PC
representation for one equation, but fails so for two equations (in fact
arbitrarily badly). We show that with a more intelligent translation we can
also easily compute a translation to PC for two equations. We conjecture that
computing a representation in PC is fpt in the number of equations.Comment: 39 pages; 2nd v. improved handling of acyclic systems, free-standing
proof of the transformation from AC-representations to monotone circuits,
improved wording and literature review; 3rd v. updated literature,
strengthened treatment of monotonisation, improved discussions; 4th v. update
of literature, discussions and formulations, more details and examples;
conference v. to appear LATA 201
Privately Releasing Conjunctions and the Statistical Query Barrier
Suppose we would like to know all answers to a set of statistical queries C
on a data set up to small error, but we can only access the data itself using
statistical queries. A trivial solution is to exhaustively ask all queries in
C. Can we do any better?
+ We show that the number of statistical queries necessary and sufficient for
this task is---up to polynomial factors---equal to the agnostic learning
complexity of C in Kearns' statistical query (SQ) model. This gives a complete
answer to the question when running time is not a concern.
+ We then show that the problem can be solved efficiently (allowing arbitrary
error on a small fraction of queries) whenever the answers to C can be
described by a submodular function. This includes many natural concept classes,
such as graph cuts and Boolean disjunctions and conjunctions.
While interesting from a learning theoretic point of view, our main
applications are in privacy-preserving data analysis:
Here, our second result leads to the first algorithm that efficiently
releases differentially private answers to of all Boolean conjunctions with 1%
average error. This presents significant progress on a key open problem in
privacy-preserving data analysis.
Our first result on the other hand gives unconditional lower bounds on any
differentially private algorithm that admits a (potentially
non-privacy-preserving) implementation using only statistical queries. Not only
our algorithms, but also most known private algorithms can be implemented using
only statistical queries, and hence are constrained by these lower bounds. Our
result therefore isolates the complexity of agnostic learning in the SQ-model
as a new barrier in the design of differentially private algorithms
Learning circuits with few negations
Monotone Boolean functions, and the monotone Boolean circuits that compute
them, have been intensively studied in complexity theory. In this paper we
study the structure of Boolean functions in terms of the minimum number of
negations in any circuit computing them, a complexity measure that interpolates
between monotone functions and the class of all functions. We study this
generalization of monotonicity from the vantage point of learning theory,
giving near-matching upper and lower bounds on the uniform-distribution
learnability of circuits in terms of the number of negations they contain. Our
upper bounds are based on a new structural characterization of negation-limited
circuits that extends a classical result of A. A. Markov. Our lower bounds,
which employ Fourier-analytic tools from hardness amplification, give new
results even for circuits with no negations (i.e. monotone functions)
- …