Qualitative Spatial Reasoning about Relative Orientation --- A Question of Consistency ---

Abstract. After the emergence of Allen s Interval Algebra Qualitative Spatial Reasoning has evolved into a fruitful field of research in artificial intelligence with possible applications in geographic information systems (GIS) and robot navigation Qualitative Spatial Reasoning abstracts from the detailed metric description of space using rich mathematical theories and restricts its language to a finite, often rather small, set of relations that fulfill certain properties. This approach is often deemed to be cognitively adequate . A major question in qualitative spatial reasoning is whether a description of a spatial situation given as a constraint network is consistent. The problem becomes a hard one since the domain of space (often R2 ) is infinite. In contrast many of the interesting problems for constraint satisfaction have a finite domain on which backtracking methods can be used. But because of the infinity of its domains these methods are generally not applicable to Qualitative Spatial Reasoning. Anyhow the method of path consistency or rather its generalization algebraic closure turned out to be helpful to a certain degree for many qualitative spatial calculi. The problem regarding this method is that it depends on the existence of a composition table, and calculating this table is not an easy task. For example the dipole calculus (operating on oriented dipoles) DRAf has 72 base relations and binary composition, hence its composition table has 5184 entries. Finding all these entries by hand is a hard, long and error-prone task. Finding them using a computer is also not easy, since the semantics of DRAf in the Euclidean Plane, its natural domain, rely on non-linear inequalities. This is not a special problem of the DRAf calculus. In fact, all calculi dealing with relative orientation share the property of having semantics based on non-linear inequalities in the Euclidean plane. This not only makes it hard to find a composition table, it also makes it particularly hard to decide consistency for these calculi. As shown in [79] algebraic closure is always just an approximation to consistency for these calculi, but it is the only method that works fast. Methods like Gröbner reasoning can decide consistency for these calculi but only for small constraint networks. Still finding a composition table for DRAf is a fruitful task, since we can use it analyze the properties of composition based reasoning for such a calculus and it is a starting point for the investigation of the quality of the approximation of consistency for this calculus. We utilize a new approach for calculating the composition table for DRAf using condensed semantics, i.e. the domain of the calculus is compressed in such a way that only finitely many possible configurations need to be investigated. In fact, only the configurations need to be investigated that turn out to represent special characteristics for the placement of three lines in the plane. This method turns out to be highly efficient for calculating the composition table of the calculus. Another method of obtaining a composition table is borrowing it via a suitable morphism. Hence, we investigate morphisms between qualitative spatial calculi. Having the composition table is not the end but rather the beginning of the problem. With that table we can compute algebraically closed refinements of constraint networks, but how meaningful is this process? We know that all constraint networks for which such a refinement does not exist are inconsistent, but what about the rest? In fact, they may be consistent or not. If they are all consistent, then we can be happy, since algebraic closure would decide consistency for the calculus at hand. We investigate LR, DRAf and DRAfp and show that for all these calculi algebraic closure does not decide consistency. In fact, for the LR calculus algebraic closure is an extremely bad approximation of consistency. For this calculus we introduce a new method for the approximation of consistency based on triangles, that performs far better than algebraic closure. A major weak spot of the field of Qualitative Spatial Reasoning is the area of applications. It is hard to refute the accusation of qualitative spatial calculi having only few applications so far. As a step into the direction of scrutinizing the applicability of these calculi, we examine the performance of DRA and OPRA in the issue of describing and navigating street networks based on local observations. Especially for OPRA we investigate a factorization of the base relations that is deemed cognitively adequate . Whenever possible we use real-world data in these investigations obtained from OpenStreetMap

Salvaging Merkle-Damgard for Practical Applications

Many cryptographic applications of hash functions are analyzed in the random oracle model. Unfortunately, most concrete hash functions, including the SHA family, use the iterative (strengthened) Merkle-Damgard transform applied to a corresponding compression function. Moreover, it is well known that the resulting ``structured\u27\u27 hash function cannot be generically used as a random oracle, even if the compression function is assumed to be ideal. This leaves a large disconnect between theory and practice: although no attack is known for many concrete applications utilizing existing (Merkle-Damgard-based) hash functions, there is no security guarantee either, even by idealizing the compression function. Motivated by this question, we initiate a rigorous and modular study of finding kinds of (still idealized) hash functions which would be (a) elegant and interesting in their own right; (b) still enough to argue security of important applications; and (c) provably instantiable by the (strengthened) Merkle-Damgard transform, applied to a strong enough compression function. We develop two such notions which we believe are natural and interesting in their own right: preimage awareness and being indifferentiable from a public-use random oracle

An Introduction to String Diagrams for Computer Scientists

This document is an elementary introduction to string diagrams. It takes a computer science perspective: rather than using category theory as a starting point, we build on intuitions from formal language theory, treating string diagrams as a syntax with its semantics. After the basic theory, pointers are provided to contemporary applications of string diagrams in various fields of science

Limits in the Provable Security of ECDSA Signatures

Digital Signatures are ubiquitous in modern computing. One of the most widely used digital signature schemes is ECDSA due to its use in TLS, various Blockchains such as Bitcoin and Etherum, and many other applications. Yet the formal analysis of ECDSA is comparatively sparse. In particular, all known security results for ECDSA rely on some idealized model such as the generic group model or the programmable (bijective) random oracle model. In this work, we study the question whether these strong idealized models are necessary for proving the security of ECDSA. Specifically, we focus on the programmability of ECDSA\u27s conversion function which maps an elliptic curve point into its $x$-coordinate modulo the group order. Unfortunately, our main results are negative. We establish, by means of a meta reductions, that an algebraic security reduction for ECDSA can only exist if the security reduction is allowed to program the conversion function. As a consequence, a meaningful security proof for ECDSA is unlikely to exist without strong idealization