134 research outputs found
Complexity Analysis of Reed-Solomon Decoding over GF(2^m) Without Using Syndromes
For the majority of the applications of Reed-Solomon (RS) codes, hard
decision decoding is based on syndromes. Recently, there has been renewed
interest in decoding RS codes without using syndromes. In this paper, we
investigate the complexity of syndromeless decoding for RS codes, and compare
it to that of syndrome-based decoding. Aiming to provide guidelines to
practical applications, our complexity analysis differs in several aspects from
existing asymptotic complexity analysis, which is typically based on
multiplicative fast Fourier transform (FFT) techniques and is usually in big O
notation. First, we focus on RS codes over characteristic-2 fields, over which
some multiplicative FFT techniques are not applicable. Secondly, due to
moderate block lengths of RS codes in practice, our analysis is complete since
all terms in the complexities are accounted for. Finally, in addition to fast
implementation using additive FFT techniques, we also consider direct
implementation, which is still relevant for RS codes with moderate lengths.
Comparing the complexities of both syndromeless and syndrome-based decoding
algorithms based on direct and fast implementations, we show that syndromeless
decoding algorithms have higher complexities than syndrome-based ones for high
rate RS codes regardless of the implementation. Both errors-only and
errors-and-erasures decoding are considered in this paper. We also derive
tighter bounds on the complexities of fast polynomial multiplications based on
Cantor's approach and the fast extended Euclidean algorithm.Comment: 11 pages, submitted to EURASIP Journal on Wireless Communications and
Networkin
Composite Cyclotomic Fourier Transforms with Reduced Complexities
Discrete Fourier transforms~(DFTs) over finite fields have widespread
applications in digital communication and storage systems. Hence, reducing the
computational complexities of DFTs is of great significance. Recently proposed
cyclotomic fast Fourier transforms (CFFTs) are promising due to their low
multiplicative complexities. Unfortunately, there are two issues with CFFTs:
(1) they rely on efficient short cyclic convolution algorithms, which has not
been investigated thoroughly yet, and (2) they have very high additive
complexities when directly implemented. In this paper, we address both issues.
One of the main contributions of this paper is efficient bilinear 11-point
cyclic convolution algorithms, which allow us to construct CFFTs over
GF. The other main contribution of this paper is that we propose
composite cyclotomic Fourier transforms (CCFTs). In comparison to previously
proposed fast Fourier transforms, our CCFTs achieve lower overall complexities
for moderate to long lengths, and the improvement significantly increases as
the length grows. Our 2047-point and 4095-point CCFTs are also first efficient
DFTs of such lengths to the best of our knowledge. Finally, our CCFTs are also
advantageous for hardware implementations due to their regular and modular
structure.Comment: submitted to IEEE trans on Signal Processin
Ring Packing and Amortized FHEW Bootstrapping
The FHEW fully homomorphic encryption scheme (Ducas and Micciancio, Eurocrypt 2015) offers very fast homomorphic NAND-gate computations (on encrypted data) and a relatively fast refreshing procedure that allows to homomorphically evaluate arbitrary NAND boolean circuits. Unfortunately, the refreshing procedure needs to be executed after every single NAND computation, and each refreshing operates on a single encrypted bit, greatly decreasing the overall throughput of the scheme. We give a new refreshing procedure that simultaneously refreshes n FHEW ciphertexts, at a cost comparable to a single-bit FHEW refreshing operation. As a result, the cost of each refreshing is amortized over n encrypted bits, improving the throughput for the homomorphic evaluation of boolean circuits roughly by a factor n
Correlated Pseudorandomness from the Hardness of Quasi-Abelian Decoding
Secure computation often benefits from the use of correlated randomness to
achieve fast, non-cryptographic online protocols. A recent paradigm put forth
by Boyle (CCS 2018, Crypto 2019) showed how pseudorandom
correlation generators (PCG) can be used to generate large amounts of useful
forms of correlated (pseudo)randomness, using minimal interactions followed
solely by local computations, yielding silent secure two-party computation
protocols (protocols where the preprocessing phase requires almost no
communication). An additional property called programmability allows to extend
this to build N-party protocols. However, known constructions for programmable
PCG's can only produce OLE's over large fields, and use rather new splittable
Ring-LPN assumption.
In this work, we overcome both limitations. To this end, we introduce the
quasi-abelian syndrome decoding problem (QA-SD), a family of assumptions which
generalises the well-established quasi-cyclic syndrome decoding assumption.
Building upon QA-SD, we construct new programmable PCG's for OLE's over any
field with . Our analysis also sheds light on the security
of the ring-LPN assumption used in Boyle (Crypto 2020). Using
our new PCG's, we obtain the first efficient N-party silent secure computation
protocols for computing general arithmetic circuit over for any
.Comment: This is a long version of a paper accepted at CRYPTO'2
New Decoding of Reed-Solomon Codes Based on FFT and Modular Approach
Decoding algorithms for Reed--Solomon (RS) codes are of great interest for
both practical and theoretical reasons. In this paper, an efficient algorithm,
called the modular approach (MA), is devised for solving the Welch--Berlekamp
(WB) key equation. By taking the MA as the key equation solver, we propose a
new decoding algorithm for systematic RS codes. For RS codes, where
is the code length and is the code dimension, the proposed decoding
algorithm has both the best asymptotic computational complexity and the smallest constant factor achieved to date. By
comparing the number of field operations required, we show that when decoding
practical RS codes, the new algorithm is significantly superior to the existing
methods in terms of computational complexity. When decoding the
RS code defined over , the new algorithm is 10 times
faster than a conventional syndrome-based method. Furthermore, the new
algorithm has a regular architecture and is thus suitable for hardware
implementation
TRUST NO ONE; Homomorphic Encryption and its Applications
Masteroppgave i informatikkINF399MAMN-PROGMAMN-IN
- …