
    On Termination of Integer Linear Loops

    A fundamental problem in program verification concerns the termination of simple linear loops of the form x := u ; while Bx >= b do {x := Ax + a}, where x is a vector of variables, u, a, and b are integer vectors, and A and B are integer matrices. Assuming the matrix A is diagonalisable, we give a decision procedure for the problem of whether, for all initial integer vectors u, such a loop terminates. The correctness of our algorithm relies on sophisticated tools from algebraic and analytic number theory, Diophantine geometry, and real algebraic geometry. To the best of our knowledge, this is the first substantial advance on a 10-year-old open problem of Tiwari (2004) and Braverman (2006).
    Comment: Accepted to SODA15

    Error-Correction Coding and Decoding: Bounds, Codes, Decoders, Analysis and Applications

    Coding; Communications; Engineering; Networks; Information Theory; Algorithm

    Cyclotomic Identity Testing and Applications

    We consider the cyclotomic identity testing problem: given a polynomial $f(x_1,\ldots,x_k)$, decide whether $f(\zeta_n^{e_1},\ldots,\zeta_n^{e_k})$ is zero, for $\zeta_n = e^{2\pi i/n}$ a primitive complex $n$-th root of unity and integers $e_1,\ldots,e_k$. We assume that $n$ and $e_1,\ldots,e_k$ are represented in binary and consider several versions of the problem, according to the representation of $f$. For the case that $f$ is given by an algebraic circuit we give a randomized polynomial-time algorithm with two-sided errors, showing that the problem lies in BPP. In case $f$ is given by a circuit of polynomially bounded syntactic degree, we give a randomized algorithm with two-sided errors that runs in poly-logarithmic parallel time, showing that the problem lies in BPNC. In case $f$ is given by a depth-2 $\Sigma\Pi$ circuit (or, equivalently, as a list of monomials), we show that the cyclotomic identity testing problem lies in NC. Under the generalised Riemann hypothesis, we are able to extend this approach to obtain a polynomial-time algorithm also for a very simple subclass of depth-3 $\Sigma\Pi\Sigma$ circuits. We complement this last result by showing that for a more general class of depth-3 $\Sigma\Pi\Sigma$ circuits, a polynomial-time algorithm for the cyclotomic identity testing problem would yield a sub-exponential-time algorithm for polynomial identity testing. Finally, we use cyclotomic identity testing to give a new proof that equality of compressed strings, i.e., strings presented using context-free grammars, can be decided in coRNC: randomized NC with one-sided errors.
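    As an added illustration, not code from the paper above, the following Python decides the monomial-list (depth-2 ΣΠ) case by the textbook reduction rather than the paper's NC algorithm: each monomial evaluates to c · ζ_n^m with m = Σ d_i e_i, so f collapses to g(ζ_n) for g(y) = Σ_j c_j y^{m_j mod n}, and g(ζ_n) = 0 exactly when the cyclotomic polynomial Φ_n, the minimal polynomial of ζ_n, divides g. It builds Φ_n explicitly, which is exponential in the bit length of n, so it only serves for n small enough to enumerate; all function names and the sample inputs are the example's own.

```python
# Added example, not from the paper: cyclotomic identity testing for f given as a
# list of monomials, via the reduction to divisibility by the cyclotomic polynomial.
# Polynomials in y are integer coefficient lists indexed by degree (no dependencies).

def poly_trim(p):
    """Drop leading zero coefficients so that the empty list is the zero polynomial."""
    while p and p[-1] == 0:
        p.pop()
    return p

def poly_divmod(num, den):
    """Long division over the integers; den must be monic so the division stays exact."""
    assert den and den[-1] == 1, "divisor must be monic"
    rem = list(num)
    quot = [0] * max(len(rem) - len(den) + 1, 0)
    for i in range(len(rem) - len(den), -1, -1):
        c = rem[i + len(den) - 1]
        if c:
            quot[i] = c
            for j, d in enumerate(den):
                rem[i + j] -= c * d
    return poly_trim(quot), poly_trim(rem)

def cyclotomic_poly(n, _cache={}):
    """Phi_n(y) = (y^n - 1) / prod_{d | n, d < n} Phi_d(y). Phi_n is monic with
    integer coefficients and its roots are exactly the primitive n-th roots of unity."""
    if n not in _cache:
        num = [-1] + [0] * (n - 1) + [1]          # y^n - 1
        for d in range(1, n):
            if n % d == 0:
                num, rem = poly_divmod(num, cyclotomic_poly(d))
                assert not rem                    # division by Phi_d is exact
        _cache[n] = num
    return list(_cache[n])

def cyclotomic_identity_test(monomials, n, exponents):
    """Decide whether f(zeta_n^{e_1}, ..., zeta_n^{e_k}) == 0.
    monomials: list of (coeff, degree_vector), one entry per monomial of f;
    exponents: the integers e_1, ..., e_k (same length as each degree vector)."""
    # c * x_1^{d_1} ... x_k^{d_k} evaluates to c * zeta_n^{sum d_i e_i}, and zeta_n^m
    # depends only on m mod n, so f collapses to a univariate g(y) of degree < n.
    g = [0] * n
    for coeff, degs in monomials:
        m = sum(d * e for d, e in zip(degs, exponents)) % n
        g[m] += coeff
    g = poly_trim(g)
    if not g:
        return True
    # g(zeta_n) == 0 iff the minimal polynomial Phi_n of zeta_n divides g.
    _, rem = poly_divmod(g, cyclotomic_poly(n))
    return not rem
```

    The three-way check 1 + ζ_3 + ζ_3^2 = 0, the cancellation ζ_4 + ζ_4^3 = i − i = 0 (two variables with e = (1, 3)), and Φ_6(ζ_6^5) = 0 all come out true, while 1 + ζ_3 correctly does not vanish; the divisibility test replaces any floating-point evaluation of the roots of unity, so there is no precision question to argue about.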

    Variants of LWE: Reductions, Attacks and a Construction


    A STUDY OF LINEAR ERROR CORRECTING CODES

    Since Shannon's ground-breaking work in 1948, there have been two main development streams of channel coding in approaching the limit of communication channels, namely classical coding theory, which aims at designing codes with large minimum Hamming distance, and probabilistic coding, which places the emphasis on low-complexity probabilistic decoding using long codes built from simple constituent codes. This work presents some further investigations in these two channel coding development streams. Low-density parity-check (LDPC) codes form a class of capacity-approaching codes with sparse parity-check matrices and low-complexity decoders. Two novel methods of constructing algebraic binary LDPC codes are presented. These methods are based on the theory of cyclotomic cosets, idempotents and Mattson-Solomon polynomials, and are complementary to each other. The two methods generate, in addition to some new cyclic iteratively decodable codes, the well-known Euclidean and projective geometry codes. Their extension to non-binary fields is shown to be straightforward. These algebraic cyclic LDPC codes, for short block lengths, converge well under iterative decoding. It is also shown that for some of these codes, maximum likelihood performance may be achieved by a modified belief propagation decoder which uses a different subset of codewords of the dual code for each iteration. Following a property of the revolving-door combination generator, multi-threaded minimum Hamming distance computation algorithms are developed. Using these algorithms, the previously unknown minimum Hamming distance of the quadratic residue code for prime 199 has been evaluated. In addition, the highest minimum Hamming distance attainable by all binary cyclic codes of odd lengths from 129 to 189 has been determined, and as many as 901 new binary linear codes which have higher minimum Hamming distance than the previously considered best known linear code have been found.
    It is shown that by exploiting the structure of circulant matrices, the number of codewords required to compute the minimum Hamming distance and the number of codewords of a given Hamming weight of binary double-circulant codes based on primes may be reduced. A means of independently verifying the exhaustively computed number of codewords of a given Hamming weight of these double-circulant codes is developed and, in conjunction with this, it is proved that some published results are incorrect and the correct weight spectra are presented. Moreover, it is shown that it is possible to estimate the minimum Hamming distance of this family of prime-based double-circulant codes. It is shown that linear codes may be efficiently decoded using the incremental correlation Dorsch algorithm. By extending this algorithm, a list decoder is derived and a novel, CRC-less error detection mechanism that offers much better throughput and performance than the conventional CRC scheme is described. Using the same method it is shown that the performance of the conventional CRC scheme may be considerably enhanced. Error detection is an integral part of an incremental redundancy communications system, and it is shown that sequences of good error correction codes, suitable for use in incremental redundancy communications systems, may be obtained using Constructions X and XX. Examples are given and their performances presented in comparison to conventional CRC schemes.
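    An added example, not code from the thesis: the weight distribution and minimum Hamming distance of a small binary cyclic code computed from its generator polynomial, together with the symmetry the abstract exploits for circulant codes, namely that every cyclic shift of a codeword is again a codeword, so one representative per orbit of shifts is enough to recover the weight spectrum. The sample code is the [7, 4] Hamming code with g(x) = 1 + x + x^3 (a constructed example; the thesis's length-199 and double-circulant codes are far too large for this brute-force enumeration), and the function names are the example's own.

```python
# Added example, not the thesis's code: weight distribution and minimum Hamming
# distance of a binary cyclic code from its generator polynomial, and the
# cyclic-shift reduction that enumerates one codeword per orbit instead of all 2^k.

from itertools import product

def gf2_poly_mul(a, b):
    """Multiply two GF(2) polynomials given as bit lists indexed by degree."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        if x:
            for j, y in enumerate(b):
                out[i + j] ^= y
    return out

def cyclic_code(g, n):
    """All codewords of the [n, k] binary cyclic code generated by g(x), k = n - deg g.
    Codewords are the products m(x) g(x) for all messages m(x) of degree < k."""
    k = n - (len(g) - 1)
    words = set()
    for msg in product((0, 1), repeat=k):
        c = gf2_poly_mul(list(msg), g)
        words.add(tuple(c + [0] * (n - len(c))))
    return words

def rotations(word):
    """The orbit of a word under cyclic shifts."""
    return {word[i:] + word[:i] for i in range(len(word))}

def weight_distribution(words):
    """Map Hamming weight -> number of codewords of that weight."""
    dist = {}
    for w in words:
        dist[sum(w)] = dist.get(sum(w), 0) + 1
    return dist

def min_distance(words):
    """For a linear code, the minimum distance is the minimum non-zero weight."""
    return min(sum(w) for w in words if any(w))

def orbit_representatives(words):
    """One representative per orbit of cyclic shifts, mapped to its orbit size.
    In a cyclic code every shift of a codeword is a codeword, so the weight
    distribution (and hence the minimum distance) follows from the representatives."""
    seen, reps = set(), {}
    for w in sorted(words):
        if w in seen:
            continue
        orbit = rotations(w)
        assert orbit <= words, "not a cyclic code"
        seen |= orbit
        reps[w] = len(orbit)
    return reps

def weight_distribution_from_orbits(reps):
    """Recover the full weight distribution by counting each representative orbit-size times."""
    dist = {}
    for w, size in reps.items():
        dist[sum(w)] = dist.get(sum(w), 0) + size
    return dist

# Constructed sample: the [7, 4] Hamming code, cyclic with g(x) = 1 + x + x^3.
HAMMING_7_4 = cyclic_code([1, 1, 0, 1], 7)
```

    For the [7, 4] code the 16 codewords fall into 4 orbits (the zero word, the all-ones word, the 7 shifts of g of weight 3 and the 7 shifts of its complement of weight 4), so the weight spectrum A_0 = 1, A_3 = 7, A_4 = 7, A_7 = 1 and d_min = 3 are read off from 4 words instead of 16; for a double-circulant code based on a prime p the same idea cuts the enumeration by a factor of about p.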

    The Segal conjecture for topological Hochschild homology of complex cobordism

    We study the C_p-equivariant Tate construction on the topological Hochschild homology THH(B) of a symmetric ring spectrum B by relating it to a topological version R_+(B) of the Singer construction, extended by a natural circle action. This enables us to prove that the fixed and homotopy fixed point spectra of THH(B) are p-adically equivalent for B = MU and BP. This generalizes the classical C_p-equivariant Segal conjecture, which corresponds to the case B = S.
    Comment: Accepted for publication by the Journal of Topology

    Complexity measures for classes of sequences and cryptographic applications

    Pseudo-random sequences are a crucial component of cryptography, particularly in stream cipher design. In this thesis we will investigate several measures of randomness for certain classes of finitely generated sequences. We will present a heuristic algorithm for calculating the k-error linear complexity of a general sequence, of either finite or infinite length, and results on the closeness of the approximation generated. We will present a linear-time algorithm for determining the linear complexity of a sequence whose characteristic polynomial is a power of an irreducible element, again presenting variations for both finite and infinite sequences. This algorithm allows the linear complexity of such sequences to be determined faster than was previously possible. Finally we investigate the stability of m-sequences, in terms of both k-error linear complexity and k-error period. We show that such sequences are inherently stable, though some are more stable than others.
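    An added example, not the thesis's own code, making the two measures concrete: Berlekamp-Massey over GF(2) for the linear complexity of a finite binary sequence, and k-error linear complexity computed by exhaustive search over every error pattern of weight at most k (exponential in the length, so only for a toy period; the thesis's heuristic is what one would use at scale). It is run on one period of the m-sequence generated by x^3 + x^2 + 1 and shows the stability effect: a single error on the sequence does not lower its complexity, and a single flipped bit at the end of two periods makes the complexity jump from 3 to 11. The LFSR tap convention, the function names and the sample sequence are the example's own.

```python
# Added example, not from the thesis: linear complexity by Berlekamp-Massey over GF(2),
# and k-error linear complexity by exhaustive search over all error patterns of
# Hamming weight <= k (exponential in the length; fine for a 7-bit period).

from itertools import combinations

def lfsr_sequence(taps, state, length):
    """Bits of the binary LFSR with feedback s[n] = XOR over t in taps of s[n - t].
    Convention used here (example's own): taps (1, 3) means s[n] = s[n-1] ^ s[n-3],
    i.e. the characteristic polynomial x^3 + x^2 + 1, which is primitive."""
    s = list(state)
    while len(s) < length:
        s.append(sum(s[-t] for t in taps) % 2)
    return s[:length]

def berlekamp_massey(bits):
    """Linear complexity of a finite binary sequence: the length of the shortest
    LFSR that generates it (Massey's algorithm over GF(2))."""
    n = len(bits)
    c = [1] + [0] * n      # current connection polynomial C(x)
    b = [1] + [0] * n      # connection polynomial before the last length change
    L, m = 0, -1           # current LFSR length, index of the last length change
    for i in range(n):
        d = bits[i]        # discrepancy between s[i] and the LFSR's prediction
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d:
            t = c[:]
            shift = i - m
            for j in range(n + 1 - shift):
                c[j + shift] ^= b[j]          # C(x) <- C(x) + x^(i-m) B(x)
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t     # length change: L <- i + 1 - L
    return L

def k_error_linear_complexity(bits, k):
    """Smallest linear complexity reachable by flipping at most k bits (brute force)."""
    n = len(bits)
    best = berlekamp_massey(bits)
    for w in range(1, k + 1):
        for positions in combinations(range(n), w):
            s = list(bits)
            for p in positions:
                s[p] ^= 1
            best = min(best, berlekamp_massey(s))
    return best

# Constructed sample: one period of the m-sequence of x^3 + x^2 + 1, started at state 111.
M_SEQ_PERIOD = lfsr_sequence((1, 3), (1, 1, 1), 7)

def flip_last_bit_of_two_periods():
    """Two periods of the m-sequence with the final bit flipped: the first
    discrepancy after a long agreeing prefix makes L jump to (length - L)."""
    s = M_SEQ_PERIOD * 2
    s[-1] ^= 1
    return berlekamp_massey(s)
```

    On the 7-bit period 1110100 the linear complexity is 3 and the 1-error linear complexity is still 3: no single flip yields a sequence with a shorter LFSR, which is the stability the abstract refers to. Only three flips (turning the period into all ones) bring the complexity down to 1, and a single flip at the end of two periods raises it from 3 to 11.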

    Path isomorphisms between quiver Hecke and diagrammatic Bott-Samelson endomorphism algebras

    We construct an explicit isomorphism between (truncations of) quiver Hecke algebras and Elias-Williamson's diagrammatic endomorphism algebras of Bott-Samelson bimodules. As a corollary, we deduce that the decomposition numbers of these algebras (including as examples the symmetric groups and generalised blob algebras) are tautologically equal to the associated p-Kazhdan-Lusztig polynomials, provided that the characteristic is greater than the Coxeter number. We hence give an elementary and more explicit proof of the main theorem of Riche-Williamson's recent monograph and extend their categorical equivalence to cyclotomic Hecke algebras, thus solving Libedinsky-Plaza's categorical blob conjecture.

    Usability of structured lattices for a post-quantum cryptography: practical computations, and a study of some real Kummer extensions

    Lattice-based cryptography is an excellent candidate for post-quantum cryptography, i.e. cryptosystems which are resistant to attacks run on quantum computers. For efficiency reasons, most of the constructions explored nowadays are based on structured lattices, such as module lattices or ideal lattices. The security of most constructions can be related to the hardness of retrieving a short element in such lattices, and it is not yet known to what extent these additional structures weaken the cryptosystems. A related problem, which is an extension of a classical problem in computational number theory, called the Short Principal Ideal Problem (or SPIP), consists of finding a short generator of a principal ideal. Its assumed hardness has been used to build some cryptographic schemes. However, it has been shown to be solvable in quantum polynomial time over cyclotomic fields, through an attack which uses the Log-unit lattice of the field considered. Later, practical results showed that multiquadratic fields are also vulnerable to this strategy. The main general question that we study in this thesis is: to what extent can structured lattices be used to build post-quantum cryptography?