Quadratic Goldreich-Levin Theorems
Decomposition theorems in classical Fourier analysis enable us to express a
bounded function in terms of few linear phases with large Fourier coefficients
plus a part that is pseudorandom with respect to linear phases. The
Goldreich-Levin algorithm can be viewed as an algorithmic analogue of such a
decomposition as it gives a way to efficiently find the linear phases
associated with large Fourier coefficients.
In the study of "quadratic Fourier analysis", higher-degree analogues of such
decompositions have been developed in which the pseudorandomness property is
stronger but the structured part correspondingly weaker. For example, it has
previously been shown that it is possible to express a bounded function as a
sum of a few quadratic phases plus a part that is small in the norm,
defined by Gowers for the purpose of counting arithmetic progressions of length
4. We give a polynomial time algorithm for computing such a decomposition.
A key part of the algorithm is a local self-correction procedure for
Reed-Muller codes of order 2 (over \F_2^n) for a function at distance
from a codeword. Given a function f:\F_2^n \to \{-1,1\} at
fractional Hamming distance from a quadratic phase (which is a
codeword of Reed-Muller code of order 2), we give an algorithm that runs in
time polynomial in and finds a codeword at distance at most for
. This is an algorithmic analogue of Samorodnitsky's
result, which gave a tester for the above problem. To our knowledge, it
represents the first instance of a correction procedure for any class of codes,
beyond the list-decoding radius.
In the process, we give algorithmic versions of results from additive
combinatorics used in Samorodnitsky's proof and a refined version of the
inverse theorem for the Gowers norm over \F_2^n.
Sampling-based proofs of almost-periodicity results and algorithmic applications
We give new combinatorial proofs of known almost-periodicity results for
sumsets of sets with small doubling in the spirit of Croot and Sisask, whose
almost-periodicity lemma has had far-reaching implications in additive
combinatorics. We provide an alternative (and L^p-norm free) point of view,
which allows for proofs to easily be converted to probabilistic algorithms that
decide membership in almost-periodic sumsets of dense subsets of F_2^n.
As an application, we give a new algorithmic version of the quasipolynomial
Bogolyubov-Ruzsa lemma recently proved by Sanders. Together with the results by
the last two authors, this implies an algorithmic version of the quadratic
Goldreich-Levin theorem in which the number of terms in the quadratic Fourier
decomposition of a given function is quasipolynomial in the error parameter,
compared with an exponential dependence previously proved by the authors. It
also improves the running time of the algorithm to have quasipolynomial
dependence instead of an exponential one.
We also give an application to the problem of finding large subspaces in
sumsets of dense sets. Green showed that the sumset of a dense subset of F_2^n
contains a large subspace. Using Fourier analytic methods, Sanders proved that
such a subspace must have dimension bounded below by a constant times the
density times n. We provide an alternative (and L^p norm-free) proof of a
comparable bound, which is analogous to a recent result of Croot, Laba and
Sisask in the integers.
Comment: 28 pages
Notes for Miscellaneous Lectures
Here I share a few notes I used in various course lectures, talks, etc. Some
may be just calculations that in the textbooks are more complicated, scattered,
or less specific; others may be simple observations I found useful or curious.
Comment: 6 pages. New section 6 added
Public-key cryptography and invariant theory
Public-key cryptosystems are suggested based on invariants of groups. We give
also an overview of the known cryptosystems which involve groups.
Comment: 10 pages, LaTeX
Candidate One-Way Functions and One-Way Permutations Based on Quasigroup String Transformations
In this paper we propose a definition and construction of a new family of
one-way candidate functions , where
is an alphabet with elements. Special instances of these functions can have
the additional property to be permutations (i.e. one-way permutations). These
one-way functions have the property that for achieving the security level of
computations in order to invert them, only bits of input are needed.
The construction is based on quasigroup string transformations. Since
quasigroups in general do not have algebraic properties such as associativity,
commutativity, neutral elements, inverting these functions seems to require
exponentially many readings from the lookup table that defines them (a Latin
Square) in order to check the satisfiability for the initial conditions, thus
making them natural candidates for one-way functions.
Comment: Submitted to conference
Some Applications of Coding Theory in Computational Complexity
Error-correcting codes and related combinatorial constructs play an important
role in several recent (and old) results in computational complexity theory. In
this paper we survey results on locally-testable and locally-decodable
error-correcting codes, and their applications to complexity theory and to
cryptography.
Locally decodable codes are error-correcting codes with sub-linear time
error-correcting algorithms. They are related to private information retrieval
(a type of cryptographic protocol), and they are used in average-case
complexity and to construct "hard-core predicates" for one-way permutations.
Locally testable codes are error-correcting codes with sub-linear time
error-detection algorithms, and they are the combinatorial core of
probabilistically checkable proofs.
Lower bounds for constant query affine-invariant LCCs and LTCs
Affine-invariant codes are codes whose coordinates form a vector space over a
finite field and which are invariant under affine transformations of the
coordinate space. They form a natural, well-studied class of codes; they
include popular codes such as Reed-Muller and Reed-Solomon. A particularly
appealing feature of affine-invariant codes is that they seem well-suited to
admit local correctors and testers.
In this work, we give lower bounds on the length of locally correctable and
locally testable affine-invariant codes with constant query complexity. We show
that if a code is an -query
locally correctable code (LCC), where is a finite field and
is a finite alphabet, then the number of codewords in is
at most . Also, we show that if
is an -query locally testable
code (LTC), then the number of codewords in is at most
. The dependence on in these
bounds is tight for constant-query LCCs/LTCs, since Guo, Kopparty and Sudan
(ITCS '13) construct affine-invariant codes via lifting that have the same
asymptotic tradeoffs. Note that our result holds for non-linear codes, whereas
previously, Ben-Sasson and Sudan (RANDOM '11) assumed linearity to derive
similar results.
Our analysis uses higher-order Fourier analysis. In particular, we show that
the codewords corresponding to an affine-invariant LCC/LTC must be far from
each other with respect to Gowers norm of an appropriate order. This then
allows us to bound the number of codewords, using known decomposition theorems
which approximate any bounded function in terms of a finite number of
low-degree non-classical polynomials, up to a small error in the Gowers norm.
QUAD: Overview and Recent Developments
We give an outline of the specification and provable security
features of the QUAD stream cipher proposed at Eurocrypt 2006.
The cipher relies on the iteration of a multivariate system of quadratic
equations over a finite field, typically GF(2) or a small extension. In the
binary case, the security of the keystream generation can be related, in
the concrete security model, to the conjectured intractability of the MQ
problem of solving a random system of m equations in n unknowns. We
show that this security reduction can be extended to incorporate the key
and IV setup and provide a security argument related to the whole stream
cipher. We also briefly address software and hardware performance issues
and show that if one is willing to pseudorandomly generate the systems
of quadratic polynomials underlying the cipher, this leads to surprisingly
inexpensive hardware implementations of QUAD.