10 research outputs found

    The irreducible vectors of a lattice: Some theory and applications

    The main idea behind lattice sieving algorithms is to reduce a sufficiently large number of lattice vectors with each other so that a set of short enough vectors is obtained. It is therefore natural to study vectors which cannot be reduced. In this work we give a concrete definition of an irreducible vector and study the properties of the set of all such vectors. We show that the set of irreducible vectors is a subset of the set of Voronoi relevant vectors and study its properties. For extremal lattices this set may contain as many as 2^n vectors, which leads us to define the notion of a complete system of irreducible vectors, whose size can be upper-bounded by the kissing number. One of our main results shows that modified heuristic sieving algorithms heuristically approximate such a set (modulo sign). We provide experiments in low dimensions which support this theory. Finally we give some applications of this set in the study of lattice problems such as SVP, SIVP and CVPP. The introduced notions, as well as various results derived along the way, may provide further insights into lattice algorithms and motivate new research into understanding these algorithms better.

    Sieve, Enumerate, Slice, and Lift: Hybrid Lattice Algorithms for SVP via CVPP

    Motivated by recent results on solving large batches of closest vector problem (CVP) instances, we study how these techniques can be combined with lattice enumeration to obtain faster methods for solving the shortest vector problem (SVP) on high-dimensional lattices. Theoretically, under common heuristic assumptions we show how to solve SVP in dimension d with a cost proportional to running a sieve in dimension d − Θ(d/log d), resulting in a 2^{Θ(d/log d)} speedup and memory reduction compared to running a full sieve. Combined with techniques from [Ducas, Eurocrypt 2018] we can asymptotically get a total of [log(13/9) + o(1)]·d/log d dimensions "for free" for solving SVP. Practically, the main obstacles for observing a speedup in moderate dimensions appear to be that the leading constant in the Θ(d/log d) term is rather small; that the overhead of the (batched) slicer may be large; and that competitive enumeration algorithms heavily rely on aggressive pruning techniques, which appear to be incompatible with our algorithms. These obstacles prevented this asymptotic speedup (compared to full sieving) from being observed in our experiments. However, it could be expected to become visible once optimized CVPP techniques are used in higher dimensional experiments.

    The irreducible vectors of a lattice: Some theory and applications

    The main idea behind lattice sieving algorithms is to reduce a sufficiently large number of lattice vectors with each other so that a set of short enough vectors is obtained, including a basis of the lattice. It is therefore natural to study vectors which cannot be reduced. In this work we give a concrete definition of an irreducible vector and study the properties of the set of all such vectors. We show that the set of irreducible vectors is a subset of the set of relevant vectors and study its properties. For extremal lattices this set may contain as many as 2^n vectors, which leads us to define the notion of a complete system of irreducible vectors, whose size can be upper-bounded by the kissing number. We study properties of this set and observe a close relation to heuristic sieving algorithms. Finally we briefly examine the use of this set in the study of lattice problems such as SVP, SIVP and CVPP. The introduced notions, as well as various results derived along the way, may provide further insights into lattice algorithms and motivate new research into understanding these algorithms better.

    On the shortness of vectors to be found by the Ideal-SVP quantum algorithm

    The hardness of finding short vectors in ideals of cyclotomic number fields (hereafter, Ideal-SVP) can serve as a worst-case assumption for numerous efficient cryptosystems, via the average-case problems Ring-SIS and Ring-LWE. For a while, it could be assumed the Ideal-SVP problem was as hard a

    Lattice cryptanalysis: Theoretical and practical aspects


    Influence of Switches and Crossings on Wheel Wear of a Freight Vehicle

    Turnouts (switches and crossings) are important components in railway networks, as they provide the necessary flexibility for train operations by allowing trains to change between tracks. But the turnout's geometry, with discontinuities in the rail profiles and the lack of a transition curve, causes additional wear both on the track and on the vehicle. The main goal of this MSc thesis is to investigate the influence of turnouts on the wheel wear of a freight vehicle. This is obtained by simulations in the commercial MBS software GENSYS. The wheel-rail contact is modelled according to Hertz's theory and Kalker's simplified theory, with the FASTSIM algorithm, and the wear calculations are performed according to Archard's law. Wheel wear is estimated by considering variations in parameters which affect the wheel-rail contact. All these variations are common in daily rail operation, and they are caused by it, i.e. worn wheel profiles, a worn crossing nose and different stiffness of the stock and switch rails at the beginning of the turnout. Moreover, the wheel wear is calculated for both possible directions in which a vehicle can run, the diverging and the straight direction of the turnout. Especially for the straight direction, various running speeds have been tested, as the speed limit when the vehicle follows the straight direction is higher than for the diverging part. Running with worn wheel profiles has the greatest impact in terms of increasing the wheel wear, especially on the outer part of the wheel tread. In addition, the worn crossing nose results in increased wheel wear in this area. The results of the simulations concerning the different stiffness showed that the wheel wear caused by the contact between wheel and stock rail increases, whereas the wear caused by the contact with the switch rail stays at about the same level or decreases.
It is concluded that turnouts have a significant impact on wheel wear, mainly because of the discontinuity in rail geometry and all the investigated parameters increase this impact. Moreover, great differences in wear values for areas close to each other are observed, mainly because of the wear coefficient values chosen in Archard’s wear map

    A new two level multi-objective optimization method in aerodynamics, based on evolutionary algorithms and the derivative of the utility function

    194 pages. This diploma thesis falls within the area of multi-objective aerodynamic shape optimization, through the hybridization of evolutionary algorithms with deterministic methods for the local improvement of the "best" members of the current population. Thus, an idea, an optimization algorithm that is already applied successfully to single-objective problems, is extended to multi-objective ones. Deterministic optimization methods require the computation of derivatives of the objective functions, and this is implemented through adjoint techniques. A particular aim of the thesis is to achieve the greatest possible economy in computational cost, especially in problems with many objectives, through "smart" management of the calls to the adjoint-method software. To achieve the above, a hybrid two-level multi-objective optimization method is proposed, programmed and evaluated. As the deterministic search method, sequential quadratic programming (SQP) is used, without loss of generality. The originality of this work is that, to save computational time, instead of computing separately the derivatives of all the objective functions ( , , etc.), the derivative of the cost function Φ, which quantifies the dominance and proximity of the members of the current population in the Pareto-front logic on which the evolutionary algorithm is based, is computed directly. Specifically, the  is computed by differentiating the cost function of the well-known SPEA2 method, after this step function has first been approximated by a continuous one. Using "frozen information" for Φ, ultimately only one call of the adjoint method is required (instead of K, for K objectives), which increases the economy (already offered by the use of a hybrid method).
Initially, the proposed hybrid method was applied to a numerical test case and to a simplified aircraft optimization case, in order to verify its effectiveness and to determine some parameters that lead to its best operation. Finally, it was applied to two "real" aerodynamic problems. The first concerns the shape optimization of an isolated airfoil and the second the optimization of the airfoil of a compressor stator cascade.
This diploma thesis belongs to the area of multi-objective aerodynamic optimization problems, through the hybridization of evolutionary algorithms with deterministic methods in order to locally improve the "best" members of the current population. Thus, an idea, an optimization algorithm which is already applied to single-objective problems, is also extended to multi-objective problems. The deterministic optimization methods require the calculation of the derivatives of the objective functions, which is realized by adjoint methods. This thesis focuses in particular on achieving maximum economy in computational cost, especially for problems with many objectives, by "smartly" managing the calls to the adjoint-method software. To achieve the above goals, a hybrid two-level multi-objective optimization method is proposed, programmed and evaluated. Sequential quadratic programming (SQP) is used as the deterministic method, without loss of generality. The originality of this work is that, for reasons of low computational cost, instead of calculating separately the derivatives of each objective ( , , etc.), the derivative of the utility function Φ is calculated directly; Φ quantifies the dominance and proximity of the members of the current population, following the Pareto-front logic on which the evolutionary algorithm is based. Specifically, the Heaviside function is approximated by a continuous one and then the  is estimated by computing the derivative of the SPEA2 utility function.
Using "frozen information" on the function Φ, only one call of the adjoint method is needed (instead of K for K objectives), which increases the economy further (as is characteristic of hybrid methods).
Εμμανουήλ Σ. Δουλγεράκη

    Influence of switches and crossings on wheel profile evolution in freight vehicles

    Wheel reprofiling costs for freight vehicles are a major issue in Sweden, reducing the profitability of freight traffic operations and therefore hindering the modal shift needed for achieving reduced emissions. In order to understand the damage modes in freight vehicles, uniform wear prediction with Archard's wear law has been studied in a two-axle timber transport wagon, and simulation results have been compared to measurements. Challenges of wheel wear prediction in freight wagons are discussed, including the influence of block brakes and switches and crossings. The latter have a major influence on the profile evolution of this case study, so specific simulations are performed and a thorough discussion is carried out.

    Finding closest lattice vectors using approximate Voronoi cells

    The two traditional hard problems underlying the security of lattice-based cryptography are the shortest vector problem (SVP) and the closest vector problem (CVP). For a long time, lattice enumeration was considered the fastest method for solving these problems in high dimensions, but recent work on memory-intensive methods has resulted in lattice sieving overtaking enumeration both in theory and in practice. Some of the recent improvements [Ducas, Eurocrypt 2018; Laarhoven–Mariano, PQCrypto 2018; Albrecht–Ducas–Herold–Kirshanova–Postlethwaite–Stevens, 2018] are based on the fact that these methods find more than just one short lattice vector, and this additional data can be reused effectively later on to solve other, closely related problems faster. Similarly, results for the preprocessing version of CVP (CVPP) have demonstrated that once this initial data has been generated, instances of CVP can be solved faster than when solving them directly, albeit with worse memory complexities [Laarhoven, SAC 2016]. In this work we study CVPP in terms of approximate Voronoi cells, and obtain better time and space complexities using randomized slicing, which is similar in spirit to using randomized bases in lattice enumeration [Gama–Nguyen–Regev, Eurocrypt 2010]. With this approach, we improve upon the state-of-the-art complexities for CVPP, both theoretically and experimentally, with a practical speedup of several orders of magnitude compared to non-preprocessed SVP or CVP. Such a fast CVPP solver may give rise to faster enumeration methods, where the CVPP solver is used to replace the bottom part of the enumeration tree, consisting of a batch of CVP instances in the same lattice. Asymptotically, we further show that we can solve an exponential number of instances of CVP in a lattice in essentially the same amount of time and space as the fastest method for solving just one CVP instance. 
This is in line with various recent results, showing that perhaps the biggest strength of memory-intensive methods lies in being able to reuse the generated data several times. Similar to [Ducas, Eurocrypt 2018], this further means that we can achieve a “few dimensions for free” for sieving for SVP or CVP, by doing Θ(d/ log d) levels of enumeration on top of a CVPP solver based on approximate Voronoi cells