129,871 research outputs found
Generating square-free words efficiently
We study a simple algorithm generating square-free words from a random source. The source produces uniformly distributed random letters from a k-ary alphabet, and the algorithm outputs a (k+1)-ary square-free word. We are interested in the "conversion ratio" between the lengths of the input random word and the output square-free word. For any k≥3 we prove the expected value of this ratio to be a constant and calculate it up to an O(1/k5) term. For the extremal case of ternary square-free words, we suggest this ratio to have a constant expectation as well and conjecture its actual value from computer experiments. © 2015 Elsevier B.V.
Improved bounds on the number of ternary square-free words
Improved upper and lower bounds on the number of square-free ternary words
are obtained. The upper bound is based on the enumeration of square-free
ternary words up to length 110. The lower bound is derived by constructing
generalised Brinkhuis triples. The problem of finding such triples can
essentially be reduced to a combinatorial problem, which can efficiently be
treated by computer. In particular, it is shown that the number of square-free
ternary words of length n grows at least as 65^(n/40), replacing the previous
best lower bound of 2^(n/17).Comment: 17 pages, AMS LaTeX. Paper has been completely rewritten and
comprises new results on both lower and upper bounds. The Mathematica program
mentioned in the article can be downloaded at
http://mcs.open.ac.uk/ugg2/wordcomb/brinkhuistriples.
Efficient noninteractive certification of RSA moduli and beyond
In many applications, it is important to verify that an RSA public key (N; e) speci es a
permutation over the entire space ZN, in order to prevent attacks due to adversarially-generated
public keys. We design and implement a simple and e cient noninteractive zero-knowledge
protocol (in the random oracle model) for this task. Applications concerned about adversarial
key generation can just append our proof to the RSA public key without any other modi cations
to existing code or cryptographic libraries. Users need only perform a one-time veri cation of
the proof to ensure that raising to the power e is a permutation of the integers modulo N. For
typical parameter settings, the proof consists of nine integers modulo N; generating the proof
and verifying it both require about nine modular exponentiations.
We extend our results beyond RSA keys and also provide e cient noninteractive zero-
knowledge proofs for other properties of N, which can be used to certify that N is suitable
for the Paillier cryptosystem, is a product of two primes, or is a Blum integer. As compared to
the recent work of Auerbach and Poettering (PKC 2018), who provide two-message protocols for
similar languages, our protocols are more e cient and do not require interaction, which enables
a broader class of applications.https://eprint.iacr.org/2018/057First author draf
On Buffon Machines and Numbers
The well-know needle experiment of Buffon can be regarded as an analog (i.e.,
continuous) device that stochastically "computes" the number 2/pi ~ 0.63661,
which is the experiment's probability of success. Generalizing the experiment
and simplifying the computational framework, we consider probability
distributions, which can be produced perfectly, from a discrete source of
unbiased coin flips. We describe and analyse a few simple Buffon machines that
generate geometric, Poisson, and logarithmic-series distributions. We provide
human-accessible Buffon machines, which require a dozen coin flips or less, on
average, and produce experiments whose probabilities of success are expressible
in terms of numbers such as, exp(-1), log 2, sqrt(3), cos(1/4), aeta(5).
Generally, we develop a collection of constructions based on simple
probabilistic mechanisms that enable one to design Buffon experiments involving
compositions of exponentials and logarithms, polylogarithms, direct and inverse
trigonometric functions, algebraic and hypergeometric functions, as well as
functions defined by integrals, such as the Gaussian error function.Comment: Largely revised version with references and figures added. 12 pages.
In ACM-SIAM Symposium on Discrete Algorithms (SODA'2011
- …