The Random Oracle Methodology, Revisited

We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called "cryptographic hash functions". The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the above schemes, we consider possible definitions for the notion of a "good implementation" of a random oracle, pointing out limitations and challenges.Comment: 31 page

Bayesian Symbol Detection in Wireless Relay Networks via Likelihood-Free Inference

This paper presents a general stochastic model developed for a class of cooperative wireless relay networks, in which imperfect knowledge of the channel state information at the destination node is assumed. The framework incorporates multiple relay nodes operating under general known non-linear processing functions. When a non-linear relay function is considered, the likelihood function is generally intractable resulting in the maximum likelihood and the maximum a posteriori detectors not admitting closed form solutions. We illustrate our methodology to overcome this intractability under the example of a popular optimal non-linear relay function choice and demonstrate how our algorithms are capable of solving the previously intractable detection problem. Overcoming this intractability involves development of specialised Bayesian models. We develop three novel algorithms to perform detection for this Bayesian model, these include a Markov chain Monte Carlo Approximate Bayesian Computation (MCMC-ABC) approach; an Auxiliary Variable MCMC (MCMC-AV) approach; and a Suboptimal Exhaustive Search Zero Forcing (SES-ZF) approach. Finally, numerical examples comparing the symbol error rate (SER) performance versus signal to noise ratio (SNR) of the three detection algorithms are studied in simulated examples

The random oracle methodology, revisited

We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called “cryptographic hash functions”. The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the above schemes, we consider possible definitions for the notion of a “good implementation” of a random oracle, pointing out limitations and challengesAccepted manuscrip

Flexible Bayesian Dynamic Modeling of Correlation and Covariance Matrices

Modeling correlation (and covariance) matrices can be challenging due to the positive-definiteness constraint and potential high-dimensionality. Our approach is to decompose the covariance matrix into the correlation and variance matrices and propose a novel Bayesian framework based on modeling the correlations as products of unit vectors. By specifying a wide range of distributions on a sphere (e.g. the squared-Dirichlet distribution), the proposed approach induces flexible prior distributions for covariance matrices (that go beyond the commonly used inverse-Wishart prior). For modeling real-life spatio-temporal processes with complex dependence structures, we extend our method to dynamic cases and introduce unit-vector Gaussian process priors in order to capture the evolution of correlation among components of a multivariate time series. To handle the intractability of the resulting posterior, we introduce the adaptive $\Delta$-Spherical Hamiltonian Monte Carlo. We demonstrate the validity and flexibility of our proposed framework in a simulation study of periodic processes and an analysis of rat's local field potential activity in a complex sequence memory task.Comment: 49 pages, 15 figure

Correlation-Intractable Hash Functions via Shift-Hiding

A hash function family $\mathcal{H}$ is correlation intractable for a $t$-input relation $\mathcal{R}$ if, given a random function $h$ chosen from $\mathcal{H}$, it is hard to find $x_1,\ldots,x_t$ such that $\mathcal{R}(x_1,\ldots,x_t,h(x_1),\ldots,h(x_t))$ is true. Among other applications, such hash functions are a crucial tool for instantiating the Fiat-Shamir heuristic in the plain model, including the only known NIZK for NP based on the learning with errors (LWE) problem (Peikert and Shiehian, CRYPTO 2019). We give a conceptually simple and generic construction of single-input CI hash functions from shift-hiding shiftable functions (Peikert and Shiehian, PKC 2018) satisfying an additional one-wayness property. This results in a clean abstract framework for instantiating CI, and also shows that a previously existing function family (PKC 2018) was already CI under the LWE assumption. In addition, our framework transparently generalizes to other settings, yielding new results: - We show how to instantiate certain forms of multi-input CI under the LWE assumption. Prior constructions either relied on a very strong ``brute-force-is-best\u27\u27 type of hardness assumption (Holmgren and Lombardi, FOCS 2018) or were restricted to ``output-only\u27\u27 relations (Zhandry, CRYPTO 2016). - We construct single-input CI hash functions from indistinguishability obfuscation (iO) and one-way permutations. Prior constructions relied essentially on variants of fully homomorphic encryption that are impossible to construct from such primitives. This result also generalizes to more expressive variants of multi-input CI under iO and additional standard assumptions

Source coding by efficient selection of ground states clusters

In this letter, we show how the Survey Propagation algorithm can be generalized to include external forcing messages, and used to address selectively an exponential number of glassy ground states. These capabilities can be used to explore efficiently the space of solutions of random NP-complete constraint satisfaction problems, providing a direct experimental evidence of replica symmetry breaking in large-size instances. Finally, a new lossy data compression protocol is introduced, exploiting as a computational resource the clustered nature of the space of addressable states.Comment: 4 pages, 4 figure