4,860 research outputs found
Two new results about quantum exact learning
We present two new results about exact learning by quantum computers. First,
we show how to exactly learn a -Fourier-sparse -bit Boolean function from
uniform quantum examples for that function. This
improves over the bound of uniformly random classical
examples (Haviv and Regev, CCC'15). Our main tool is an improvement of Chang's
lemma for the special case of sparse functions. Second, we show that if a
concept class can be exactly learned using quantum membership
queries, then it can also be learned using classical membership queries. This improves the
previous-best simulation result (Servedio and Gortler, SICOMP'04) by a -factor.Comment: v3: 21 pages. Small corrections and clarification
PPP-Completeness with Connections to Cryptography
Polynomial Pigeonhole Principle (PPP) is an important subclass of TFNP with
profound connections to the complexity of the fundamental cryptographic
primitives: collision-resistant hash functions and one-way permutations. In
contrast to most of the other subclasses of TFNP, no complete problem is known
for PPP. Our work identifies the first PPP-complete problem without any circuit
or Turing Machine given explicitly in the input, and thus we answer a
longstanding open question from [Papadimitriou1994]. Specifically, we show that
constrained-SIS (cSIS), a generalized version of the well-known Short Integer
Solution problem (SIS) from lattice-based cryptography, is PPP-complete.
In order to give intuition behind our reduction for constrained-SIS, we
identify another PPP-complete problem with a circuit in the input but closely
related to lattice problems. We call this problem BLICHFELDT and it is the
computational problem associated with Blichfeldt's fundamental theorem in the
theory of lattices.
Building on the inherent connection of PPP with collision-resistant hash
functions, we use our completeness result to construct the first natural hash
function family that captures the hardness of all collision-resistant hash
functions in a worst-case sense, i.e. it is natural and universal in the
worst-case. The close resemblance of our hash function family with SIS, leads
us to the first candidate collision-resistant hash function that is both
natural and universal in an average-case sense.
Finally, our results enrich our understanding of the connections between PPP,
lattice problems and other concrete cryptographic assumptions, such as the
discrete logarithm problem over general groups
Intersecting Families of Permutations
A set of permutations is said to be {\em k-intersecting} if
any two permutations in agree on at least points. We show that for any
, if is sufficiently large depending on , then the
largest -intersecting subsets of are cosets of stabilizers of
points, proving a conjecture of Deza and Frankl. We also prove a similar result
concerning -cross-intersecting subsets. Our proofs are based on eigenvalue
techniques and the representation theory of the symmetric group.Comment: 'Erratum' section added. Yuval Filmus has recently pointed out that
the 'Generalised Birkhoff theorem', Theorem 29, is false for k > 1, and so is
Theorem 27 for k > 1. An alternative proof of the equality part of the
Deza-Frankl conjecture is referenced, bypassing the need for Theorems 27 and
2
A new class of codes for Boolean masking of cryptographic computations
We introduce a new class of rate one-half binary codes: {\bf complementary
information set codes.} A binary linear code of length and dimension
is called a complementary information set code (CIS code for short) if it has
two disjoint information sets. This class of codes contains self-dual codes as
a subclass. It is connected to graph correlation immune Boolean functions of
use in the security of hardware implementations of cryptographic primitives.
Such codes permit to improve the cost of masking cryptographic algorithms
against side channel attacks. In this paper we investigate this new class of
codes: we give optimal or best known CIS codes of length We derive
general constructions based on cyclic codes and on double circulant codes. We
derive a Varshamov-Gilbert bound for long CIS codes, and show that they can all
be classified in small lengths by the building up construction. Some
nonlinear permutations are constructed by using -codes, based on the
notion of dual distance of an unrestricted code.Comment: 19 pages. IEEE Trans. on Information Theory, to appea
- …