Finding the Median (Obliviously) with Bounded Space
We prove that any oblivious algorithm using space to find the median of a
list of integers from requires time . This bound also applies to the problem of determining whether the median
is odd or even. It is nearly optimal since Chan, following Munro and Raman, has
shown that there is a (randomized) selection algorithm using only
registers, each of which can store an input value or -bit counter,
that makes only passes over the input. The bound also implies
a size lower bound for read-once branching programs computing the low order bit
of the median and implies the analog of for length oblivious branching programs
On the Cognition of States of Affairs
The theory of speech acts put forward by Adolf Reinach in his "The A Priori Foundations of the Civil Law" of 1913 rests on a systematic account of the ontological structures associated with various different sorts of language use. One of the most original features of Reinach's account lies in his demonstration of how the ontological structure of, say, an action of promising or of commanding, may be modified in different ways, yielding different sorts of non-standard instances of the corresponding speech act varieties. The present paper is an attempt to apply this idea of standard and modified instances of ontological structures to the realm of judgement and cognition, and thereby to develop a Reinachian theory of how intentionality is mediated through language in acts of thinking and speaking.
The Hilbertian Tensor Norm and Entangled Two-Prover Games
We study tensor norms over Banach spaces and their relations to quantum
information theory, in particular their connection with two-prover games. We
consider a version of the Hilbertian tensor norm and its dual
that allow us to consider games with arbitrary output alphabet
sizes. We establish direct-product theorems and prove a generalized
Grothendieck inequality for these tensor norms. Furthermore, we investigate the
connection between the Hilbertian tensor norm and the set of quantum
probability distributions, and show two applications to quantum information
theory: firstly, we give an alternative proof of the perfect parallel
repetition theorem for entangled XOR games; and secondly, we prove a new upper
bound on the ratio between the entangled and the classical value of two-prover
games.
Comment: 33 pages, some of the results have been obtained independently in
arXiv:1007.3043v2, v2: an error in Theorem 4 has been corrected; Section 6
rewritten, v3: completely rewritten in order to improve readability; title
changed; references added; published version
Optimal networks for Quantum Metrology: semidefinite programs and product rules
We investigate the optimal estimation of a quantum process that can possibly
consist of multiple time steps. The estimation is implemented by a quantum
network that interacts with the process by sending an input and processing the
output at each time step. We formulate the search of the optimal network as a
semidefinite program and use duality theory to give an alternative expression
for the maximum payoff achieved by estimation. Combining this formulation with
a technique devised by Mittal and Szegedy we prove a general product rule for
the joint estimation of independent processes, stating that the optimal joint
estimation can be achieved by estimating each process independently, whenever the
figure of merit is of a product form. We illustrate the result in several
examples and exhibit counterexamples showing that the optimal joint network may
not be the product of the optimal individual networks if the processes are not
independent or if the figure of merit is not of the product form. In
particular, we show that entanglement can reduce by a factor K the variance in
the estimation of the sum of K independent phase shifts.
Comment: 19 pages, no figures, published version
Multi-Input Functional Encryption with Unbounded-Message Security
Multi-input functional encryption (MIFE) was introduced by Goldwasser \emph{et al.} (EUROCRYPT 2014) as a compelling extension of functional encryption. In MIFE, a receiver is able to compute a joint function of multiple, independently encrypted plaintexts. Goldwasser \emph{et al.} (EUROCRYPT 2014) show various applications of MIFE to running SQL queries over encrypted databases, computing over encrypted data streams, etc.
The previous constructions of MIFE due to Goldwasser \emph{et al.} (EUROCRYPT 2014) based on indistinguishability obfuscation had a major shortcoming: they could only support encrypting an \emph{a priori bounded} number of messages. Once that bound is exceeded, security is no longer guaranteed to hold. In addition, they could only support \emph{selective security}, meaning that the challenge messages and the set of "corrupted" encryption keys had to be declared by the adversary up-front.
In this work, we show how to remove these restrictions by relying instead on \emph{sub-exponentially secure} indistinguishability obfuscation. This is done by carefully adapting an alternative MIFE scheme of Goldwasser \emph{et al.} that previously overcame these shortcomings (except for selective security with respect to the set of "corrupted" encryption keys) by relying instead on differing-inputs obfuscation, which is now seen as an implausible assumption. Our techniques are rather generic, and we hope they are useful in converting other constructions using differing-inputs obfuscation to ones using sub-exponentially secure indistinguishability obfuscation instead.
Amplifying the Security of Functional Encryption, Unconditionally
Security amplification is a fundamental problem in cryptography. In this work, we study security amplification for functional encryption (FE). We show two main results:
1) For any constant epsilon in (0,1), we can amplify any FE scheme for P/poly which is epsilon-secure against all polynomial sized adversaries to a fully secure FE scheme for P/poly, unconditionally.
2) For any constant epsilon in (0,1), we can amplify any FE scheme for P/poly which is epsilon-secure against subexponential sized adversaries to a fully subexponentially secure FE scheme for P/poly, unconditionally.
Furthermore, both of our amplification results preserve compactness of the underlying FE scheme. Previously, amplification results for FE were only known assuming subexponentially secure LWE.
Along the way, we introduce a new form of homomorphic secret sharing called set homomorphic secret sharing that may be of independent interest. Additionally, we introduce a new technique, which allows one to argue security amplification of nested primitives, and prove a general theorem that can be used to analyze the security amplification of parallel repetitions.
On Tightly Secure Primitives in the Multi-Instance Setting
We initiate the study of general tight reductions in cryptography. There already exist a variety of works that offer tight reductions for a number of cryptographic tasks, ranging from encryption and signature schemes to proof systems. However, our work is the first to provide a universal definition of a tight reduction (for arbitrary primitives), along with several observations and results concerning primitives for which tight reductions have not been known.
Technically, we start from the general notion of reductions due to Reingold, Trevisan, and Vadhan (TCC 2004), and equip it with a quantification of the respective reduction loss, and a canonical multi-instance extension to primitives. We then revisit several standard reductions whose tight security has not yet been considered. For instance, we revisit a generic construction of signature schemes from one-way functions, and show how to tighten the corresponding reduction by assuming collision-resistance from the used one-way function. We also obtain tightly secure pseudorandom generators (by using suitable rerandomisable hard-core predicates), and tightly secure lossy trapdoor functions.