2 research outputs found
Decremental Single-Source Shortest Paths on Undirected Graphs in Near-Linear Total Update Time
In the decremental single-source shortest paths (SSSP) problem we want to
maintain the distances between a given source node and every other node in
an -node -edge graph undergoing edge deletions. While its static
counterpart can be solved in near-linear time, this decremental problem is much
more challenging even in the undirected unweighted case. In this case, the
classic total update time of Even and Shiloach [JACM 1981] has been the
fastest known algorithm for three decades. At the cost of a
-approximation factor, the running time was recently improved to
by Bernstein and Roditty [SODA 2011]. In this paper, we bring the
running time down to near-linear: We give a -approximation
algorithm with expected total update time, thus obtaining
near-linear time. Moreover, we obtain time for the weighted
case, where the edge weights are integers from to . The only prior work
on weighted graphs in time is the -time algorithm by
Henzinger et al. [STOC 2014, ICALP 2015] which works for directed graphs with
quasi-polynomial edge weights. The expected running time bound of our algorithm
holds against an oblivious adversary.
In contrast to the previous results which rely on maintaining a sparse
emulator, our algorithm relies on maintaining a so-called sparse -hop set introduced by Cohen [JACM 2000] in the PRAM literature. An
-hop set of a graph is a set of weighted edges
such that the distance between any pair of nodes in can be
-approximated by their -hop distance (given by a path
containing at most edges) on . Our algorithm can maintain
an -hop set of near-linear size in near-linear time under
edge deletions.Comment: Accepted to Journal of the ACM. A preliminary version of this paper
was presented at the 55th IEEE Symposium on Foundations of Computer Science
(FOCS 2014). Abstract shortened to respect the arXiv limit of 1920 character
Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation
Abstract-Despite advances in security engineering, authentication in applications such as email and the Web still primarily relies on the X.509 public key infrastructure introduced in 1988. This PKI has many issues but is nearly impossible to replace. Leveraging recent progress in verifiable computation, we propose a novel use of existing X.509 certificates and infrastructure. Instead of receiving & validating chains of certificates, our applications receive & verify proofs of their knowledge, their validity, and their compliance with application policies. This yields smaller messages (by omitting certificates), stronger privacy (by hiding certificate contents), and stronger integrity (by embedding additional checks, e.g. for revocation). X.509 certificate validation is famously complex and errorprone, as it involves parsing ASN.1 data structures and interpreting them against diverse application policies. To manage this diversity, we propose a new format for writing application policies by composing X.509 templates, and we provide a template compiler that generates C code for validating certificates within a given policy. We then use the Geppetto cryptographic compiler to produce a zero-knowledge verifiable computation scheme for that policy. To optimize the resulting scheme, we develop new C libraries for RSA-PKCS#1 signatures and ASN.1 parsing, carefully tailored for cryptographic verifiability. We evaluate our approach by providing two real-world applications of verifiable computation: a drop-in replacement for certificates within TLS; and access control for the Helios voting protocol. For TLS, we support fine-grained validation policies, with revocation checking and selective disclosure of certificate contents, effectively turning X.509 certificates into anonymous credentials. For Helios, we obtain additional privacy and verifiability guarantees for voters equipped with X.509 certificates, such as those readily available from some national ID cards