Mixing in Non-Quasirandom Groups
We initiate a systematic study of mixing in non-quasirandom groups. Let A and B be two independent, high-entropy distributions over a group G. We show that the product distribution AB is statistically close to the distribution F(AB) for several choices of G and F, including:
1) G is the affine group of 2x2 matrices, and F sets the top-right matrix entry to a uniform value,
2) G is the lamplighter group, that is, the wreath product of Z_2 and Z_n, and F is multiplication by a certain subgroup,
3) G is H^n where H is non-abelian, and F selects a uniform coordinate and takes a uniform conjugate of it.
The obtained bounds for (1) and (2) are tight.
This work is motivated by and applied to problems in communication complexity. We consider the 3-party communication problem of deciding whether the product of three group elements is the identity. We prove lower bounds for the groups above, which are tight for the affine and the lamplighter groups.
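The following is an added example (not code from the paper) that computes case (1) of the abstract exactly, for a small prime: it takes two independent distributions A and B over the affine group Aff(F_p) = {[[a, b], [0, 1]] : a in F_p^*, b in F_p}, forms the exact distribution of AB, applies the smoothing F that replaces the top-right entry b by a uniform value, and reports the statistical distance between AB and F(AB). The prime P = 13, the density-1/2 supports (seeded pseudo-random halves of G) and the diagonal subgroup used as a low-entropy counterexample are all choices made for this illustration, not parameters from the paper.

```python
"""Added example (not from the paper): exact statistical distance between AB and
F(AB) in the affine group Aff(F_p), where F randomises the top-right entry.
Distributions are computed exactly with Fractions; only the choice of the
"high-entropy" supports is pseudo-random (and seeded, so runs are reproducible)."""
import random
from collections import Counter
from fractions import Fraction

P = 13  # hypothetical small prime modulus, small enough for exhaustive enumeration


def affine_elements(p):
    """All elements (a, b) of Aff(F_p): a != 0, b arbitrary.  |G| = p(p-1)."""
    return [(a, b) for a in range(1, p) for b in range(p)]


def mul(x, y, p):
    """Group law: [[a1,b1],[0,1]] * [[a2,b2],[0,1]] = [[a1*a2, a1*b2+b1],[0,1]] mod p."""
    a1, b1 = x
    a2, b2 = y
    return (a1 * a2 % p, (a1 * b2 + b1) % p)


def product_distribution(A, B, p):
    """Exact distribution of AB when A and B are uniform over the given supports."""
    counts = Counter(mul(x, y, p) for x in A for y in B)
    total = len(A) * len(B)
    return {g: Fraction(c, total) for g, c in counts.items()}


def randomize_b(dist, p):
    """F(AB): keep the distribution of the a-coordinate, make b uniform and independent."""
    a_marginal = Counter()
    for (a, _), pr in dist.items():
        a_marginal[a] += pr
    return {(a, b): pr / p for a, pr in a_marginal.items() for b in range(p)}


def statistical_distance(dist1, dist2):
    """(1/2) * sum_g |dist1(g) - dist2(g)|, exact."""
    keys = set(dist1) | set(dist2)
    return sum(abs(dist1.get(k, 0) - dist2.get(k, 0)) for k in keys) / 2


def mixing_distance(A, B, p=P):
    """Statistical distance between AB and F(AB) for uniform A, B on the given supports."""
    d = product_distribution(A, B, p)
    return statistical_distance(d, randomize_b(d, p))


def high_entropy_supports(p=P, seed=0):
    """Two independent pseudo-random halves of G (density 1/2, entropy log|G| - 1)."""
    G = affine_elements(p)
    rng = random.Random(seed)
    return rng.sample(G, len(G) // 2), rng.sample(G, len(G) // 2)


def diagonal_subgroup(p=P):
    """The subgroup {b = 0}: entropy only log(p-1), so not 'high' in the abstract's sense;
    AB never leaves the subgroup, so F(AB) is far from AB."""
    return [(a, 0) for a in range(1, p)]


if __name__ == "__main__":
    A, B = high_entropy_supports()
    print("density-1/2 supports:", float(mixing_distance(A, B)))
    D = diagonal_subgroup()
    print("diagonal subgroup   :", float(mixing_distance(D, D)))  # exactly (p-1)/p
    G = affine_elements(P)
    print("uniform x uniform   :", float(mixing_distance(G, G)))  # exactly 0
```

The three runs bracket the statement: two independent density-1/2 distributions give a product whose b-coordinate is already close to uniform given a, the uniform distribution gives distance exactly 0, and a product of two copies of the diagonal subgroup gives distance (p-1)/p, which is why the high-entropy hypothesis cannot be dropped.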
Interleaved Group Products
Let be the special linear group . We show that if and are sampled uniformly from large subsets and of then their interleaved product is nearly uniform over . This extends a result of the first author, which corresponds to the independent case where and are product sets. We obtain a number of other results. For example, we show that if is a probability distribution on such that any two coordinates are uniform in , then a pointwise product of independent copies of is nearly uniform in , where depends on only. Extensions to other groups are also discussed.
We obtain closely related results in communication complexity, which is the setting where some of these questions were first asked by Miles and Viola. For example, suppose party of parties receives on its forehead a -tuple of elements from . The parties are promised that the interleaved product is equal either to the identity or to some other fixed element , and their goal is to determine which of the two the product is equal to. We show that for all fixed and all sufficiently large the communication is , which is tight. Even for the previous best lower bound was . As an application, we establish the security of the leakage-resilient circuits studied by Miles and Viola in the "only computation leaks" model.
Unconditionally Secure Computation Against Low-Complexity Leakage
We consider the problem of constructing leakage-resilient circuit compilers that are secure against global leakage functions with bounded output length. By global, we mean that the leakage can depend on all circuit wires and output a low-complexity function (represented as a multi-output Boolean circuit) applied on these wires. In this work, we design compilers both in the stateless (a.k.a. single-shot leakage) setting and the stateful (a.k.a. continuous leakage) setting that are unconditionally secure against AC0 leakage and similar low-complexity classes.
In the stateless case, we show that the original private circuits construction of Ishai, Sahai, and Wagner (Crypto 2003) is actually secure against AC0 leakage. In the stateful case, we modify the construction of Rothblum (Crypto 2012), obtaining a simple construction with unconditional security. Prior works that designed leakage-resilient circuit compilers against AC0 leakage had to rely either on secure hardware components (Faust et al., Eurocrypt 2010; Miles and Viola, STOC 2013) or on (unproven) complexity-theoretic assumptions (Rothblum, Crypto 2012).
A Survey of Leakage-Resilient Cryptography
In the past 15 years, cryptography has made considerable progress in expanding the adversarial attack model to cover side-channel attacks, and has built schemes that provably defend against some of them. This survey covers the main models and results in this so-called leakage-resilient cryptography.