630 research outputs found
Almost universal codes for fading wiretap channels
We consider a fading wiretap channel model where the transmitter has only
statistical channel state information, and the legitimate receiver and
eavesdropper have perfect channel state information. We propose a sequence of
non-random lattice codes which achieve strong secrecy and semantic security
over ergodic fading channels. The construction is almost universal in the sense
that it achieves the same constant gap to secrecy capacity over Gaussian and
ergodic fading models.Comment: 5 pages, to be submitted to IEEE International Symposium on
Information Theory (ISIT) 201
Search-to-Decision Reductions for Lattice Problems with Approximation Factors (Slightly) Greater Than One
We show the first dimension-preserving search-to-decision reductions for
approximate SVP and CVP. In particular, for any ,
we obtain an efficient dimension-preserving reduction from -SVP to -GapSVP and an efficient dimension-preserving reduction
from -CVP to -GapCVP. These results generalize the known
equivalences of the search and decision versions of these problems in the exact
case when . For SVP, we actually obtain something slightly stronger
than a search-to-decision reduction---we reduce -SVP to
-unique SVP, a potentially easier problem than -GapSVP.Comment: Updated to acknowledge additional prior wor
Inapproximability of Combinatorial Optimization Problems
We survey results on the hardness of approximating combinatorial optimization
problems
Asymptotically Efficient Lattice-Based Digital Signatures
We present a general framework that converts certain types of linear collision-resistant hash
functions into one-time signatures. Our generic construction can be instantiated based on both
general and ideal (e.g. cyclic) lattices, and the resulting signature schemes are provably secure
based on the worst-case hardness of approximating the shortest vector (and other standard
lattice problems) in the corresponding class of lattices to within a polynomial factor. When
instantiated with ideal lattices, the time complexity of the signing and verification algorithms,
as well as key and signature size is almost linear (up to poly-logarithmic factors) in the dimension
n of the underlying lattice. Since no sub-exponential (in n) time algorithm is known to solve
lattice problems in the worst case, even when restricted to ideal lattices, our construction gives
a digital signature scheme with an essentially optimal performance/security trade-off
Recovering short generators of principal ideals in cyclotomic rings
Abstract: A handful of recent cryptographic proposals rely on the conjectured hardness of the following problem in the ring of integers of a cyclotomic number field: given a basis of a principal ideal that is guaranteed to have a ``rather short'' generator, find such a generator. Recently, Bernstein and Campbell-Groves-Shepherd sketched potential attacks against this problem; most notably, the latter authors claimed a \emph{polynomial-time quantum} algorithm. (Alternatively, replacing the quantum component with an algorithm of Biasse and Fieker would yield a \emph{classical subexponential-time} algorithm.) A key claim of Campbell \etal\ is that one step of their algorithm---namely, decoding the \emph{log-unit} lattice of the ring to recover a short generator from an arbitrary one---is classically efficient (whereas the standard approach on general lattices takes exponential time). However, very few convincing details were provided to substantiate this claim.
In this work, we clarify the situation by giving a rigorous proof that the log-unit lattice is indeed efficiently decodable, for any cyclotomic of prime-power index. Combining this with the quantum algorithm from a recent work of Biasse and Song confirms the main claim of Campbell \etal\xspace Our proof consists of two main technical contributions: the first is a geometrical analysis, using tools from analytic number theory, of the standard generators of the group of cyclotomic units. The second shows that for a wide class of typical distributions of the short generator, a standard lattice-decoding algorithm can recover it, given any generator.
By extending our geometrical analysis, as a second main contribution we obtain an efficient algorithm that, given any generator of a principal ideal (in a prime-power cyclotomic), finds a 2^O~(n^1/2)
-approximate shortest vector in the ideal. Combining this with the result of Biasse and Song yields a quantum polynomial-time algorithm for the 2^O~(n^1/2)-approximate Shortest Vector Problem on principal ideal lattices
Bethe Ansatz solution of triangular trimers on the triangular lattice
Details are presented of a recently announced exact solution of a model
consisting of triangular trimers covering the triangular lattice. The solution
involves a coordinate Bethe Ansatz with two kinds of particles. It is similar
to that of the square-triangle random tiling model, due to M. Widom and P. A.
Kalugin. The connection of the trimer model with related solvable models is
discussed.Comment: 33 pages, LaTeX2e, 13 EPS figures, PSFra
- …