Solving the "Isomorphism of Polynomials with Two Secrets" Problem for all Pairs of Quadratic Forms

We study the Isomorphism of Polynomial (IP2S) problem with m=2 homogeneous quadratic polynomials of n variables over a finite field of odd characteristic: given two quadratic polynomials (a, b) on n variables, we find two bijective linear maps (s,t) such that b=t . a . s. We give an algorithm computing s and t in time complexity O~(n^4) for all instances, and O~(n^3) in a dominant set of instances. The IP2S problem was introduced in cryptography by Patarin back in 1996. The special case of this problem when t is the identity is called the isomorphism with one secret (IP1S) problem. Generic algebraic equation solvers (for example using Gr\"obner bases) solve quite well random instances of the IP1S problem. For the particular cyclic instances of IP1S, a cubic-time algorithm was later given and explained in terms of pencils of quadratic forms over all finite fields; in particular, the cyclic IP1S problem in odd characteristic reduces to the computation of the square root of a matrix. We give here an algorithm solving all cases of the IP1S problem in odd characteristic using two new tools, the Kronecker form for a singular quadratic pencil, and the reduction of bilinear forms over a non-commutative algebra. Finally, we show that the second secret in the IP2S problem may be recovered in cubic time

Combinatorial resultants in the algebraic rigidity matroid

Motivated by a rigidity-theoretic perspective on the Localization Problem in 2D, we develop an algorithm for computing circuit polynomials in the algebraic rigidity matroid CMn associated to the Cayley-Menger ideal for n points in 2D. We introduce combinatorial resultants, a new operation on graphs that captures properties of the Sylvester resultant of two polynomials in the algebraic rigidity matroid. We show that every rigidity circuit has a construction tree from K4 graphs based on this operation. Our algorithm performs an algebraic elimination guided by the construction tree, and uses classical resultants, factorization and ideal membership. To demonstrate its effectiveness, we implemented our algorithm in Mathematica: it took less than 15 seconds on an example where a Gröbner Basis calculation took 5 days and 6 hrs

Maximal directional operators along algebraic varieties

We establish the sharp growth order, up to epsilon losses, of the $L^2$-norm of the maximal directional averaging operator along a finite subset $V$ of a polynomial variety of arbitrary dimension $m$, in terms of cardinality. This is an extension of the works by C\'ordoba, for one-dimensional manifolds, Katz for the circle in two dimensions, and Demeter for the 2-sphere. For the case of directions on the two-dimensional sphere we improve by a factor of $\sqrt{\log N}$ on the best known bound, due to Demeter, and we obtain a sharp estimate for our model operator. Our results imply new $L^2$-estimates for Kakeya-type maximal functions with tubes pointing along polynomial directions. Our proof technique is novel and in particular incorporates an iterated scheme of polynomial partitioning on varieties adapted to directional operators, in the vein of Guth, Guth-Katz, and Zahl.Comment: 34 pages, final version, incorporates the comments of the anonymous referees; to appear in Amer. J. Mat

Computational Methods for OI-Modules

Computational commutative algebra has become an increasingly popular area of research. Central to the theory is the notion of a Gröbner basis, which may be thought of as a nonlinear generalization of Gaussian elimination. In 2019, Nagel and Römer introduced FI- and OI-modules over FI- and OI-algebras, which provide a framework for studying sequences of related modules defined over sequences of related polynomial rings. In particular, they laid the foundations of a theory of Gröbner bases for certain classes of OI-modules. In this dissertation we develop an OI-analog of Buchberger\u27s algorithm in order to compute such Gröbner bases, as well as an OI-analog of Schreyer\u27s theorem to compute their modules of syzygies. We also give an application of our results to the computation of free OI-resolutions, and showcase our Macaulay2 package OIGroebnerBases.m2\u27\u27 which implements these constructions. Lastly, we show how our results can be tweaked to compute free FI-resolutions

The Price of Verifiability: Lower Bounds for Verifiable Random Functions

Verifiable random functions (VRFs) are a useful extension of pseudorandom functions for which it is possible to generate a proof that a certain image is indeed the correct function value (relative to a public verification key). Due to their strong soundness requirements on such proofs, VRFs are notoriously hard to construct, and existing constructions suffer either from complex proofs (for function images), or rely on complex and non-standard assumptions. In this work, we attempt to explain this phenomenon. We show that for a large class of pairing-based VRFs, it is not possible to obtain short proofs and a reduction to a simple assumption simultaneously. Since the class of consecutively verifiable VRFs we consider contains in particular the VRF of Lysyanskaya and that of Dodis-Yampolskiy, our results explain the large proof size, resp. the complex assumption of these VRFs