Memory Lower Bounds of Reductions Revisited
In Crypto 2017, Auerbach et al. initiated the study on memory-tight reductions and proved two negative results on the memory-tightness of restricted black-box reductions from multi-challenge security to single-challenge security for signatures and an artificial hash function. In this paper, we revisit the results by Auerbach et al. and show that for a large class of reductions treating multi-challenge security, it is impossible to avoid loss of memory-tightness unless we sacrifice the efficiency of their running-time. Specifically, we show three lower bound results. Firstly, we show a memory lower bound of natural black-box reductions from the multi-challenge unforgeability of unique signatures to any computational assumption. Then we show a lower bound of restricted reductions from multi-challenge security to single-challenge security for a wide class of cryptographic primitives with unique keys in the multi-user setting. Finally, we extend the lower bound result shown by Auerbach et al. treating a hash function to one treating any hash function with a large domain.
Faster tuple lattice sieving using spherical locality-sensitive filters
To overcome the large memory requirement of classical lattice sieving algorithms for solving hard lattice problems, Bai-Laarhoven-Stehlé [ANTS 2016] studied tuple lattice sieving, where tuples instead of pairs of lattice vectors are combined to form shorter vectors. Herold-Kirshanova [PKC 2017] recently improved upon their results for arbitrary tuple sizes, for example showing that a triple sieve can solve the shortest vector problem (SVP) in dimension in time , using a technique similar to locality-sensitive hashing for finding nearest neighbors.

In this work, we generalize the spherical locality-sensitive filters of Becker-Ducas-Gama-Laarhoven [SODA 2016] to obtain space-time tradeoffs for near neighbor searching on dense data sets, and we apply these techniques to tuple lattice sieving to obtain even better time complexities. For instance, our triple sieve heuristically solves SVP in time . For practical sieves based on Micciancio-Voulgaris' GaussSieve [SODA 2010], this shows that a triple sieve uses less space and less time than the current best near-linear space double sieve.

Comment: 12 pages + references, 2 figures. Subsumed/merged into Cryptology ePrint Archive 2017/228, available at https://ia.cr/2017/122
Towards Tight Lower Bounds for Range Reporting on the RAM
In the orthogonal range reporting problem, we are to preprocess a set of points with integer coordinates on a grid. The goal is to support reporting all points inside an axis-aligned query rectangle. This is one of the most fundamental data structure problems in databases and computational geometry. Despite the importance of the problem, its complexity remains unresolved in the word-RAM. On the upper bound side, three best tradeoffs exist: (1.) Query time with words of space for any constant . (2.) Query time with words of space. (3.) Query time with optimal words of space. However, the only known query time lower bound is , even for linear space data structures.

All three current best upper bound tradeoffs are derived by reducing range reporting to a ball-inheritance problem. Ball-inheritance is a problem that essentially encapsulates all previous attempts at solving range reporting in the word-RAM. In this paper we make progress towards closing the gap between the upper and lower bounds for range reporting by proving cell probe lower bounds for ball-inheritance. Our lower bounds are tight for a large range of parameters, excluding any further progress for range reporting using the ball-inheritance reduction.
Finite-state Strategies in Delay Games (full version)
What is a finite-state strategy in a delay game? We answer this surprisingly non-trivial question by presenting a very general framework that allows one to remove delay: finite-state strategies exist for all winning conditions where the resulting delay-free game admits a finite-state strategy. The framework is applicable to games whose winning condition is recognized by an automaton with an acceptance condition that satisfies a certain aggregation property. Our framework also yields upper bounds on the complexity of determining the winner of such delay games and upper bounds on the necessary lookahead to win the game. In particular, we cover all previous results of that kind as special cases of our uniform approach.
Heuristics for Longest Edge Selection in Simplicial Branch and Bound
Preprint of the paper presented at ICCSA2015.

Simplicial partitions are suitable to divide a bounded area in branch and bound. In the iterative refinement process, a popular strategy is to divide simplices by their longest edge, thus avoiding needle-shaped simplices. A range of possibilities arises in higher dimensions where the number of longest edges in a simplex is greater than one. The behaviour of the search and the resulting binary search tree depend on the selected longest edge. In this work, we investigate different rules to select a longest edge and study the resulting efficiency of the branch and bound algorithm.

Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech
Approximate Voronoi cells for lattices, revisited
We revisit the approximate Voronoi cells approach for solving the closest vector problem with preprocessing (CVPP) on high-dimensional lattices, and settle the open problem of Doulgerakis-Laarhoven-De Weger [PQCrypto, 2019] of determining exact asymptotics on the volume of these Voronoi cells under the Gaussian heuristic. As a result, we obtain improved upper bounds on the time complexity of the randomized iterative slicer when using less than memory, and we show how to obtain time-memory trade-offs even when using less than memory. We also settle the open problem of obtaining a continuous trade-off between the size of the advice and the query time complexity, as the time complexity with subexponential advice in our approach scales as , matching worst-case enumeration bounds, and achieving the same asymptotic scaling as average-case enumeration algorithms for the closest vector problem.

Comment: 18 pages, 1 figure